Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-44832 (GCVE-0-2021-44832)
Vulnerability from cvelistv5 – Published: 2021-12-28 19:35 – Updated: 2024-08-04 04:32
VLAI?
EPSS
Summary
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Log4j2 |
Affected:
log4j-core , < 2.17.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:13.076Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
},
{
"name": "[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/28/1"
},
{
"name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"
},
{
"name": "FEDORA-2021-c6f471ce0f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/"
},
{
"name": "FEDORA-2021-1bd9151bab",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220104-0001/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Log4j2",
"vendor": "Apache Software Foundation",
"versions": [
{
"changes": [
{
"at": "2.13.0",
"status": "affected"
},
{
"at": "2.12.4",
"status": "unaffected"
},
{
"at": "2.4",
"status": "affected"
},
{
"at": "2.3.2",
"status": "unaffected"
},
{
"at": "2.0-beta7",
"status": "affected"
}
],
"lessThan": "2.17.1",
"status": "affected",
"version": "log4j-core",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2."
}
],
"metrics": [
{
"other": {
"content": {
"other": "moderate"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:41:33",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
},
{
"name": "[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/28/1"
},
{
"name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"
},
{
"name": "FEDORA-2021-c6f471ce0f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/"
},
{
"name": "FEDORA-2021-1bd9151bab",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220104-0001/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"source": {
"defect": [
"LOG4J2-3293",
""
],
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2021-12-27T00:00:00",
"value": "reported"
},
{
"lang": "en",
"time": "2021-12-27T00:00:00",
"value": "patch proposed, 2.17.1-rc1"
},
{
"lang": "en",
"time": "2021-12-28T00:00:00",
"value": "fixed"
},
{
"lang": "en",
"time": "2021-12-28T00:00:00",
"value": "public"
}
],
"title": "Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-44832",
"STATE": "PUBLIC",
"TITLE": "Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Log4j2",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "log4j-core",
"version_value": "2.17.1"
},
{
"version_affected": "\u003e=",
"version_name": "log4j-core",
"version_value": "2.13.0"
},
{
"version_affected": "\u003c",
"version_name": "log4j-core",
"version_value": "2.12.4"
},
{
"version_affected": "\u003e=",
"version_name": "log4j-core",
"version_value": "2.4"
},
{
"version_affected": "\u003c",
"version_name": "log4j-core",
"version_value": "2.3.2"
},
{
"version_affected": "\u003e=",
"version_name": "log4j-core",
"version_value": "2.0-beta7"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "moderate"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143"
},
{
"name": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"refsource": "MISC",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
},
{
"name": "[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/12/28/1"
},
{
"name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"
},
{
"name": "FEDORA-2021-c6f471ce0f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/"
},
{
"name": "FEDORA-2021-1bd9151bab",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220104-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220104-0001/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
},
"source": {
"defect": [
"LOG4J2-3293",
""
],
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2021-12-27T00:00:00",
"value": "reported"
},
{
"lang": "en",
"time": "2021-12-27T00:00:00",
"value": "patch proposed, 2.17.1-rc1"
},
{
"lang": "en",
"time": "2021-12-28T00:00:00",
"value": "fixed"
},
{
"lang": "en",
"time": "2021-12-28T00:00:00",
"value": "public"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-44832",
"datePublished": "2021-12-28T19:35:11",
"dateReserved": "2021-12-11T00:00:00",
"dateUpdated": "2024-08-04T04:32:13.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.0.1\", \"versionEndExcluding\": \"2.3.2\", \"matchCriteriaId\": \"E5737813-009A-4FDD-AC84-42E871EA1676\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.4\", \"versionEndExcluding\": \"2.12.4\", \"matchCriteriaId\": \"0D1858C4-53AC-4528-B86F-0AB83777B4F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.13.0\", \"versionEndExcluding\": \"2.17.1\", \"matchCriteriaId\": \"D127EBB0-E86F-4349-96E5-19BD198E0CCA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"17854E42-7063-4A55-BF2A-4C7074CC2D60\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:log4j:2.0:beta7:*:*:*:*:*:*\", \"matchCriteriaId\": \"F9D58C21-34AE-4782-8580-816B2F6A8F9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:log4j:2.0:beta8:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCFCBA59-E0DF-46FD-8431-C1043E7AB4EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*\", \"matchCriteriaId\": \"53F32FB2-6970-4975-8BD0-EAE12E9AD03A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B773ED91-1D39-42E6-9C52-D02210DE1A94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF24312D-1A62-482E-8078-7EC24758B710\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0.0.0\", \"versionEndIncluding\": \"8.5.1.0\", \"matchCriteriaId\": \"83F42D52-1E43-44E0-8B53-A2A918BDDEC3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46E23F2E-6733-45AF-9BD9-1A600BD278C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E812639B-EE28-4C68-9F6F-70C8BF981C86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.12.0\", \"versionEndIncluding\": \"17.12.11\", \"matchCriteriaId\": \"8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"18.8.0\", \"versionEndIncluding\": \"18.8.13\", \"matchCriteriaId\": \"A621A5AE-6974-4BA5-B1AC-7130A46F68F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"19.12.0\", \"versionEndIncluding\": \"19.12.12\", \"matchCriteriaId\": \"4096281D-2EBA-490D-8180-3C9D05EB890A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"20.12.0\", \"versionEndIncluding\": \"20.12.7\", \"matchCriteriaId\": \"E6B70E72-B9FC-4E49-8EDD-29C7E14F5792\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15F45363-236B-4040-8AE4-C6C0E204EDBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"19.12.0\", \"versionEndIncluding\": \"19.12.18.0\", \"matchCriteriaId\": \"A66F0C7C-4310-489F-8E91-4171D17DB32F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"20.12.0.0\", \"versionEndIncluding\": \"20.12.12.0\", \"matchCriteriaId\": \"651104CE-0569-4E6D-ACAB-AD2AC85084DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45D89239-9142-46BD-846D-76A5A74A67B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"202AD518-2E9B-4062-B063-9858AE1F9CE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10864586-270E-4ACF-BDCC-ECFCD299305F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"38340E3C-C452-4370-86D4-355B6B4E0A06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9C55C69-E22E-4B80-9371-5CD821D79FE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_assortment_planning:16.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48C9BD8E-7214-4B44-B549-6F11B3EA8A04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_fiscal_management:14.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5F6FD19-A314-4A1F-96CB-6DB1CED79430\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:siebel_ui_framework:21.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D62731F-3290-4383-A4F6-5274B4D63B1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F14A818F-AA16-4438-A3E4-E64C9287AC66\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:cloudcenter:4.10.0.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66AB39B2-0CE1-4C7E-9E7B-B288A080D584\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A930E247-0B43-43CB-98FF-6CE7B8189835\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"12.0.0.4.6\", \"matchCriteriaId\": \"6894D860-000E-439D-8AB7-07E9B2ACC31B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD66C717-85E0-40E7-A51F-549C8196D557\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.3.0.0\", \"versionEndIncluding\": \"8.5.1.0\", \"matchCriteriaId\": \"F9550113-7423-48D8-A1C7-95D6AEE9B33C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46E23F2E-6733-45AF-9BD9-1A600BD278C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E812639B-EE28-4C68-9F6F-70C8BF981C86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"12.0.0.4.4\", \"matchCriteriaId\": \"61A2E42A-4EF2-437D-A0EC-4A6A4F1EBD11\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5933FEA2-B79E-4EE7-B821-54D676B45734\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B74B912-152D-4F38-9FC1-741D6D0B27FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6C9A32B-B776-4704-818D-977B4B20D677\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6989178B-A3D5-4441-A56C-6C639D4759DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.1.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5049591-AA1B-4D64-A925-40D0724074D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.2.0\", \"versionEndIncluding\": \"12.2.24\", \"matchCriteriaId\": \"F47057A9-2DDE-4178-B140-F7D70EAED8F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.2.0\", \"versionEndIncluding\": \"12.2.24\", \"matchCriteriaId\": \"9132D7F2-43B3-4595-B8BF-C9DE897087F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.12.0\", \"versionEndIncluding\": \"17.12.11\", \"matchCriteriaId\": \"8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"18.8.0\", \"versionEndIncluding\": \"18.8.13\", \"matchCriteriaId\": \"A621A5AE-6974-4BA5-B1AC-7130A46F68F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"19.12.0\", \"versionEndIncluding\": \"19.12.12\", \"matchCriteriaId\": \"4096281D-2EBA-490D-8180-3C9D05EB890A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"20.12.0\", \"versionEndIncluding\": \"20.12.7\", \"matchCriteriaId\": \"E6B70E72-B9FC-4E49-8EDD-29C7E14F5792\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15F45363-236B-4040-8AE4-C6C0E204EDBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"19.12.0.0\", \"versionEndIncluding\": \"19.12.18.0\", \"matchCriteriaId\": \"AD0DEC50-F4CD-4ACA-A118-D4F0D4F4C981\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"20.12.0.0\", \"versionEndIncluding\": \"20.12.12.0\", \"matchCriteriaId\": \"651104CE-0569-4E6D-ACAB-AD2AC85084DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45D89239-9142-46BD-846D-76A5A74A67B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"202AD518-2E9B-4062-B063-9858AE1F9CE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10864586-270E-4ACF-BDCC-ECFCD299305F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"38340E3C-C452-4370-86D4-355B6B4E0A06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9C55C69-E22E-4B80-9371-5CD821D79FE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F978162-CB2C-4166-947A-9048C6E878BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0783F0D1-8FAC-4BCA-A6F5-C5C60E86D56D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7BD0D41-1BED-4C4F-95C8-8987C98908DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEC41EB8-73B4-4BDF-9321-F34EC0BAF9E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48EFC111-B01B-4C34-87E4-D6B2C40C0122\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"073FEA23-E46A-4C73-9D29-95CFF4F5A59D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A69FB468-EAF3-4E67-95E7-DF92C281C1F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:21.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0ABA57AC-4BBF-4E4F-9F7E-D42472C36EEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"21.12\", \"matchCriteriaId\": \"889916ED-5EB2-49D6-8400-E6DBBD6C287F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F14A818F-AA16-4438-A3E4-E64C9287AC66\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.\"}, {\"lang\": \"es\", \"value\": \"Las versiones de Apache Log4j2 de la 2.0-beta7 a la 2.17.0 (excluyendo las versiones de correcci\\u00f3n de seguridad 2.3.2 y 2.12.4) son vulnerables a un ataque de ejecuci\\u00f3n remota de c\\u00f3digo (RCE) cuando una configuraci\\u00f3n utiliza un JDBC Appender con un URI de origen de datos JNDI LDAP cuando un atacante tiene el control del servidor LDAP de destino. Este problema se soluciona limitando los nombres de fuentes de datos JNDI al protocolo java en las versiones 2.17.1, 2.12.4 y 2.3.2 de Log4j2\"}]",
"id": "CVE-2021-44832",
"lastModified": "2024-11-21T06:31:34.783",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.6, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.7, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:S/C:C/I:C/A:C\", \"baseScore\": 8.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 6.8, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-12-28T20:15:08.400",
"references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2021/12/28/1\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://issues.apache.org/jira/browse/LOG4J2-3293\", \"source\": \"security@apache.org\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/\", \"source\": \"security@apache.org\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220104-0001/\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/12/28/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://issues.apache.org/jira/browse/LOG4J2-3293\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220104-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security@apache.org\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}, {\"lang\": \"en\", \"value\": \"CWE-74\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-44832\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2021-12-28T20:15:08.400\",\"lastModified\":\"2024-11-21T06:31:34.783\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.\"},{\"lang\":\"es\",\"value\":\"Las versiones de Apache Log4j2 de la 2.0-beta7 a la 2.17.0 (excluyendo las versiones de correcci\u00f3n de seguridad 2.3.2 y 2.12.4) son vulnerables a un ataque de ejecuci\u00f3n remota de c\u00f3digo (RCE) cuando una configuraci\u00f3n utiliza un JDBC Appender con un URI de origen de datos JNDI LDAP cuando un atacante tiene el control del servidor LDAP de destino. Este problema se soluciona limitando los nombres de fuentes de datos JNDI al protocolo java en las versiones 2.17.1, 2.12.4 y 2.3.2 de Log4j2\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.7,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:C/I:C/A:C\",\"baseScore\":8.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":6.8,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"},{\"lang\":\"en\",\"value\":\"CWE-74\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.1\",\"versionEndExcluding\":\"2.3.2\",\"matchCriteriaId\":\"E5737813-009A-4FDD-AC84-42E871EA1676\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4\",\"versionEndExcluding\":\"2.12.4\",\"matchCriteriaId\":\"0D1858C4-53AC-4528-B86F-0AB83777B4F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.13.0\",\"versionEndExcluding\":\"2.17.1\",\"matchCriteriaId\":\"D127EBB0-E86F-4349-96E5-19BD198E0CCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"17854E42-7063-4A55-BF2A-4C7074CC2D60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9D58C21-34AE-4782-8580-816B2F6A8F9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCFCBA59-E0DF-46FD-8431-C1043E7AB4EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"53F32FB2-6970-4975-8BD0-EAE12E9AD03A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B773ED91-1D39-42E6-9C52-D02210DE1A94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF24312D-1A62-482E-8078-7EC24758B710\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0.0\",\"versionEndIncluding\":\"8.5.1.0\",\"matchCriteriaId\":\"83F42D52-1E43-44E0-8B53-A2A918BDDEC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46E23F2E-6733-45AF-9BD9-1A600BD278C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E812639B-EE28-4C68-9F6F-70C8BF981C86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.12.0\",\"versionEndIncluding\":\"17.12.11\",\"matchCriteriaId\":\"8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.8.0\",\"versionEndIncluding\":\"18.8.13\",\"matchCriteriaId\":\"A621A5AE-6974-4BA5-B1AC-7130A46F68F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"19.12.0\",\"versionEndIncluding\":\"19.12.12\",\"matchCriteriaId\":\"4096281D-2EBA-490D-8180-3C9D05EB890A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.12.0\",\"versionEndIncluding\":\"20.12.7\",\"matchCriteriaId\":\"E6B70E72-B9FC-4E49-8EDD-29C7E14F5792\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15F45363-236B-4040-8AE4-C6C0E204EDBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"19.12.0\",\"versionEndIncluding\":\"19.12.18.0\",\"matchCriteriaId\":\"A66F0C7C-4310-489F-8E91-4171D17DB32F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.12.0.0\",\"versionEndIncluding\":\"20.12.12.0\",\"matchCriteriaId\":\"651104CE-0569-4E6D-ACAB-AD2AC85084DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45D89239-9142-46BD-846D-76A5A74A67B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202AD518-2E9B-4062-B063-9858AE1F9CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10864586-270E-4ACF-BDCC-ECFCD299305F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38340E3C-C452-4370-86D4-355B6B4E0A06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9C55C69-E22E-4B80-9371-5CD821D79FE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_assortment_planning:16.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48C9BD8E-7214-4B44-B549-6F11B3EA8A04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_fiscal_management:14.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5F6FD19-A314-4A1F-96CB-6DB1CED79430\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:siebel_ui_framework:21.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D62731F-3290-4383-A4F6-5274B4D63B1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F14A818F-AA16-4438-A3E4-E64C9287AC66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:cloudcenter:4.10.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66AB39B2-0CE1-4C7E-9E7B-B288A080D584\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.0.0.4.6\",\"matchCriteriaId\":\"6894D860-000E-439D-8AB7-07E9B2ACC31B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD66C717-85E0-40E7-A51F-549C8196D557\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.3.0.0\",\"versionEndIncluding\":\"8.5.1.0\",\"matchCriteriaId\":\"F9550113-7423-48D8-A1C7-95D6AEE9B33C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46E23F2E-6733-45AF-9BD9-1A600BD278C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E812639B-EE28-4C68-9F6F-70C8BF981C86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.0.0.4.4\",\"matchCriteriaId\":\"61A2E42A-4EF2-437D-A0EC-4A6A4F1EBD11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5933FEA2-B79E-4EE7-B821-54D676B45734\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B74B912-152D-4F38-9FC1-741D6D0B27FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6C9A32B-B776-4704-818D-977B4B20D677\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6989178B-A3D5-4441-A56C-6C639D4759DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5049591-AA1B-4D64-A925-40D0724074D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.2.0\",\"versionEndIncluding\":\"12.2.24\",\"matchCriteriaId\":\"F47057A9-2DDE-4178-B140-F7D70EAED8F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.2.0\",\"versionEndIncluding\":\"12.2.24\",\"matchCriteriaId\":\"9132D7F2-43B3-4595-B8BF-C9DE897087F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.12.0\",\"versionEndIncluding\":\"17.12.11\",\"matchCriteriaId\":\"8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.8.0\",\"versionEndIncluding\":\"18.8.13\",\"matchCriteriaId\":\"A621A5AE-6974-4BA5-B1AC-7130A46F68F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"19.12.0\",\"versionEndIncluding\":\"19.12.12\",\"matchCriteriaId\":\"4096281D-2EBA-490D-8180-3C9D05EB890A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.12.0\",\"versionEndIncluding\":\"20.12.7\",\"matchCriteriaId\":\"E6B70E72-B9FC-4E49-8EDD-29C7E14F5792\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15F45363-236B-4040-8AE4-C6C0E204EDBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"19.12.0.0\",\"versionEndIncluding\":\"19.12.18.0\",\"matchCriteriaId\":\"AD0DEC50-F4CD-4ACA-A118-D4F0D4F4C981\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.12.0.0\",\"versionEndIncluding\":\"20.12.12.0\",\"matchCriteriaId\":\"651104CE-0569-4E6D-ACAB-AD2AC85084DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45D89239-9142-46BD-846D-76A5A74A67B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202AD518-2E9B-4062-B063-9858AE1F9CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10864586-270E-4ACF-BDCC-ECFCD299305F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38340E3C-C452-4370-86D4-355B6B4E0A06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9C55C69-E22E-4B80-9371-5CD821D79FE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F978162-CB2C-4166-947A-9048C6E878BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0783F0D1-8FAC-4BCA-A6F5-C5C60E86D56D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7BD0D41-1BED-4C4F-95C8-8987C98908DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEC41EB8-73B4-4BDF-9321-F34EC0BAF9E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48EFC111-B01B-4C34-87E4-D6B2C40C0122\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"073FEA23-E46A-4C73-9D29-95CFF4F5A59D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A69FB468-EAF3-4E67-95E7-DF92C281C1F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:21.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ABA57AC-4BBF-4E4F-9F7E-D42472C36EEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"21.12\",\"matchCriteriaId\":\"889916ED-5EB2-49D6-8400-E6DBBD6C287F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F14A818F-AA16-4438-A3E4-E64C9287AC66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/28/1\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://issues.apache.org/jira/browse/LOG4J2-3293\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220104-0001/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/28/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://issues.apache.org/jira/browse/LOG4J2-3293\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220104-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2022-AVI-205
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Spectrum Control versions ant\u00e9rieures \u00e0 5.4.6",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Security QRadar SOAR versions ant\u00e9rieures \u00e0 44.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-41182",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41182"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2021-39031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39031"
},
{
"name": "CVE-2021-41184",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41184"
},
{
"name": "CVE-2021-41183",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41183"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2021-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23450"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2021-234550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-234550"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-205",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-03-04T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6561029 du 03 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6561029"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6561005 du 03 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6561005"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6560969 du 03 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6560969"
}
]
}
CERTFR-2022-AVI-1027
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM Db2. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Db2 versions 11.5.6 et 11.5.7 sans le correctif de s\u00e9curit\u00e9",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 versions 11.5.x ant\u00e9rieures \u00e0 11.5.8",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-1027",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-11-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM Db2. Elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM Db2",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6528672 du 11 novembre 2022",
"url": "https://www.ibm.com/support/pages/node/6528672"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6526462 du 11 novembre 2022",
"url": "https://www.ibm.com/support/pages/node/6526462"
}
]
}
CERTFR-2022-AVI-345
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SAP | NetWeaver Application Server pour ABAP | SAP NetWeaver Application Server pour ABAP (Kernel) et ABAP Platform (Kernel) versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49 | ||
| SAP | NetWeaver Application Server ABAP et ABAP Platform | SAP NetWeaver Application Server ABAP et ABAP Platform versions 700, 710, 711, 730, 731, 740 et 750-756 | ||
| SAP | N/A | SAP Web Dispatcher versions 7.22, 7.49, 7.53, 7.77, 7.81 et 7.83 | ||
| SAP | N/A | SAPS/4HANA(Supplier Factsheet et Enterprise Search pour Business Partner, Supplier et Customer) versions 104, 105 et 106 | ||
| SAP | N/A | SAP Content Server version 7.53 | ||
| SAP | N/A | SAP SQL Anywhere Server version 17.0 | ||
| SAP | N/A | SAP Web Dispatcher versions 7.49, 7.53, 7.77, 7.81, 7.85, 7.22EXT, 7.86 et 7.87 | ||
| SAP | N/A | SAPUI5, versions 750, 753, 754, 755, 756 et 200 | ||
| SAP | N/A | SAP Manufacturing Integration et Intelligence versions 15.1, 15.2, 15.3 et 15.4 | ||
| SAP | N/A | SAP Powerdesigner Web Portal version 16.7 | ||
| SAP | N/A | SAP Customer Checkout_SVR version 2.0 | ||
| SAP | N/A | SAP NetWeaver (Internet Communication Manager versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85 et 7.86 | ||
| SAP | N/A | SAP Business Client version 6.5 | ||
| SAP | N/A | SAP NetWeaver Application Server pour Java Version 7.50 | ||
| SAP | N/A | SAP Customer Checkout version 2.0 | ||
| SAP | SAP BusinessObjects Business Intelligence | SAP BusinessObjects Business Intelligence Platform versions 420 et 430 | ||
| SAP | N/A | SAP Focused Run (Simple Diagnostics Agent) version 1.0 | ||
| SAP | N/A | SAP 3D Visual Enterprise Viewer version 9 | ||
| SAP | NetWeaver Enterprise Portal | SAP NetWeaver Enterprise Portal versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50 | ||
| SAP | N/A | SAP Fiori Launchpad versions 54, 755 et 756 | ||
| SAP | N/A | SAP NetWeaver (EP Web Page Composer) versions 7.20, 7.30, 7.31, 7.40 et 7.50 | ||
| SAP | N/A | SAP Web Dispatcher versions 7.53, 7.77, 7.81, 7.85 et 7.86 | ||
| SAP | N/A | SAP Commerce versions 905, 2005, 2105 et 2011 | ||
| SAP | N/A | SAP Innovation Management version 2 | ||
| SAP | N/A | SAP BusinessObjects Enterprise (Central Management Server) versions 420 et 430 | ||
| SAP | SAP BusinessObjects Business Intelligence | SAP BusinessObjects Business Intelligence Platform (BI Workspace) version 420 | ||
| SAP | NetWeaver et ABAP | SAP NetWeaver et ABAP Platform versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49 | ||
| SAP | N/A | SAPUI5 (vbm library) versions 750, 753, 754, 755 et 756 | ||
| SAP | N/A | SAP NetWeaver Application Server Java versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49 et 7.53 | ||
| SAP | N/A | SAP NetWeaver (Internet Communication Manager) versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85 et 7.86 | ||
| SAP | N/A | SAP HANA Extended Application Services version 1 | ||
| SAP | N/A | SAP NetWeaver ABAP Server et ABAP Platform versions 740, 750 et 787 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SAP NetWeaver Application Server pour ABAP (Kernel) et ABAP Platform (Kernel) versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49",
"product": {
"name": "NetWeaver Application Server pour ABAP",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Application Server ABAP et ABAP Platform versions 700, 710, 711, 730, 731, 740 et 750-756",
"product": {
"name": "NetWeaver Application Server ABAP et ABAP Platform",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Web Dispatcher versions 7.22, 7.49, 7.53, 7.77, 7.81 et 7.83",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAPS/4HANA(Supplier Factsheet et Enterprise Search pour Business Partner, Supplier et Customer) versions 104, 105 et 106",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Content Server version 7.53",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP SQL Anywhere Server version 17.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Web Dispatcher versions 7.49, 7.53, 7.77, 7.81, 7.85, 7.22EXT, 7.86 et 7.87",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAPUI5, versions 750, 753, 754, 755, 756 et 200",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Manufacturing Integration et Intelligence versions 15.1, 15.2, 15.3 et 15.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Powerdesigner Web Portal version 16.7",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Customer Checkout_SVR version 2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver (Internet Communication Manager versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85 et 7.86",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Business Client version 6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Application Server pour Java Version 7.50",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Customer Checkout version 2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP BusinessObjects Business Intelligence Platform versions 420 et 430",
"product": {
"name": "SAP BusinessObjects Business Intelligence",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Focused Run (Simple Diagnostics Agent) version 1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP 3D Visual Enterprise Viewer version 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Enterprise Portal versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50",
"product": {
"name": "NetWeaver Enterprise Portal",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Fiori Launchpad versions 54, 755 et 756",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver (EP Web Page Composer) versions 7.20, 7.30, 7.31, 7.40 et 7.50",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Web Dispatcher versions 7.53, 7.77, 7.81, 7.85 et 7.86",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Commerce versions 905, 2005, 2105 et 2011",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Innovation Management version 2",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP BusinessObjects Enterprise (Central Management Server) versions 420 et 430",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP BusinessObjects Business Intelligence Platform (BI Workspace) version 420",
"product": {
"name": "SAP BusinessObjects Business Intelligence",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver et ABAP Platform versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49",
"product": {
"name": "NetWeaver et ABAP",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAPUI5 (vbm library) versions 750, 753, 754, 755 et 756",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Application Server Java versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49 et 7.53",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver (Internet Communication Manager) versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85 et 7.86",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP HANA Extended Application Services version 1",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver ABAP Server et ABAP Platform versions 740, 750 et 787",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2022-27654",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27654"
},
{
"name": "CVE-2022-22545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22545"
},
{
"name": "CVE-2022-0613",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0613"
},
{
"name": "CVE-2022-26106",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26106"
},
{
"name": "CVE-2022-22543",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22543"
},
{
"name": "CVE-2022-28772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28772"
},
{
"name": "CVE-2022-22536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22536"
},
{
"name": "CVE-2022-23181",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23181"
},
{
"name": "CVE-2022-26107",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26107"
},
{
"name": "CVE-2022-28214",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28214"
},
{
"name": "CVE-2022-27667",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27667"
},
{
"name": "CVE-2022-28216",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28216"
},
{
"name": "CVE-2022-28217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28217"
},
{
"name": "CVE-2022-22541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22541"
},
{
"name": "CVE-2022-27657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27657"
},
{
"name": "CVE-2022-27671",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27671"
},
{
"name": "CVE-2022-26105",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26105"
},
{
"name": "CVE-2022-28770",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28770"
},
{
"name": "CVE-2022-27658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27658"
},
{
"name": "CVE-2022-28773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28773"
},
{
"name": "CVE-2022-22532",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22532"
},
{
"name": "CVE-2022-26101",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26101"
},
{
"name": "CVE-2021-21480",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21480"
},
{
"name": "CVE-2022-28213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28213"
},
{
"name": "CVE-2022-28215",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28215"
},
{
"name": "CVE-2022-27655",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27655"
},
{
"name": "CVE-2022-26109",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26109"
},
{
"name": "CVE-2022-27670",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27670"
},
{
"name": "CVE-2021-38162",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38162"
},
{
"name": "CVE-2020-26291",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26291"
},
{
"name": "CVE-2022-26108",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26108"
},
{
"name": "CVE-2021-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27516"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2022-22533",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22533"
},
{
"name": "CVE-2021-3647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3647"
},
{
"name": "CVE-2022-27669",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27669"
},
{
"name": "CVE-2022-22542",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22542"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-345",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-04-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SAP du 12 avril 2022",
"url": "https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a\u0026rc=10"
}
]
}
CERTFR-2022-AVI-933
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Oracle Systems. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle Solaris Cluster version 4",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Solaris version 11",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-21610",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21610"
},
{
"name": "CVE-2021-40690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40690"
},
{
"name": "CVE-2022-39417",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39417"
},
{
"name": "CVE-2022-39401",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39401"
},
{
"name": "CVE-2022-23437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23437"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2022-29577",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29577"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-933",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Systems.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Systems",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuoct2022 du 18 octobre 2022",
"url": "https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixSUNS"
}
]
}
CERTFR-2022-AVI-1027
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM Db2. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Db2 versions 11.5.6 et 11.5.7 sans le correctif de s\u00e9curit\u00e9",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 versions 11.5.x ant\u00e9rieures \u00e0 11.5.8",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-1027",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-11-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM Db2. Elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM Db2",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6528672 du 11 novembre 2022",
"url": "https://www.ibm.com/support/pages/node/6528672"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6526462 du 11 novembre 2022",
"url": "https://www.ibm.com/support/pages/node/6526462"
}
]
}
CERTFR-2022-AVI-526
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Db2 | IBM Db2 versions 11.5.x antérieures à 11.5.7 sans le dernier correctif de sécurité | ||
| IBM | Db2 | IBM Db2 versions 10.5.x antérieures à 10.5 FP11 | ||
| IBM | Db2 | IBM Db2 versions 11.1.x antérieures à 11.1.4 FP6 | ||
| IBM | Db2 | IBM Db2 versions 11.5.x antérieures à 11.5.6 sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Db2 versions 11.5.x ant\u00e9rieures \u00e0 11.5.7 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 versions 10.5.x ant\u00e9rieures \u00e0 10.5 FP11",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 versions 11.1.x ant\u00e9rieures \u00e0 11.1.4 FP6",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 versions 11.5.x ant\u00e9rieures \u00e0 11.5.6 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-526",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-06-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, une ex\u00e9cution de code\narbitraire et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6528672 du 06 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6528672"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6528678 du 07 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6528678"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6526462 du 06 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6526462"
}
]
}
CERTFR-2025-AVI-0756
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 6.0.19+LTS-T | ||
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 10.0.9 | ||
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T | ||
| VMware | Tanzu Operations Manager | Tanzu Operations Manager versions antérieures à 3.1.2 | ||
| VMware | Tanzu | Tanzu Scheduler versions antérieures à 2.0.20 | ||
| VMware | Tanzu | Spring Cloud Services for VMware Tanzu versions antérieures à 3.3.9 | ||
| VMware | Tanzu | Single Sign-On for VMware Tanzu Application Service versions antérieures à 1.16.12 | ||
| VMware | Tanzu | Stemcells pour Ubuntu Jammy Azure Light versions antérieures à 1.894 | ||
| VMware | Tanzu | Stemcells pour Ubuntu Jammy versions antérieures à 1.894 | ||
| VMware | Tanzu | Tanzu Hub versions antérieures à 10.2.1 | ||
| VMware | Tanzu | Java Buildpack versions antérieures à 4.84.0 | ||
| VMware | Tanzu | Tanzu for MySQL on Cloud Foundry versions antérieures à 10.0.2 | ||
| VMware | Tanzu | Tanzu GemFire versions antérieures à 10.1.4 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.19+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.0.9",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Operations Manager versions ant\u00e9rieures \u00e0 3.1.2",
"product": {
"name": "Tanzu Operations Manager",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Scheduler versions ant\u00e9rieures \u00e0 2.0.20",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services for VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.9",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On for VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.12",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells pour Ubuntu Jammy Azure Light versions ant\u00e9rieures \u00e0 1.894",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells pour Ubuntu Jammy versions ant\u00e9rieures \u00e0 1.894",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.2.1",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Java Buildpack versions ant\u00e9rieures \u00e0 4.84.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu for MySQL on Cloud Foundry versions ant\u00e9rieures \u00e0 10.0.2",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu GemFire versions ant\u00e9rieures \u00e0 10.1.4",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2025-4088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4088"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2021-35636",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35636"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2025-0448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0448"
},
{
"name": "CVE-2021-35583",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35583"
},
{
"name": "CVE-2025-3032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3032"
},
{
"name": "CVE-2019-2585",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2585"
},
{
"name": "CVE-2021-2352",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2352"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2021-3236",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3236"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2020-14861",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14861"
},
{
"name": "CVE-2025-0242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0242"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2021-35639",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35639"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2018-3279",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3279"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2019-2982",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2982"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2022-21253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21253"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2024-10467",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10467"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2022-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21538"
},
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2024-53203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53203"
},
{
"name": "CVE-2025-5281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5281"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2019-2808",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2808"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2023-3138",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3138"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-35575",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35575"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2025-8027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8027"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2022-21436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21436"
},
{
"name": "CVE-2025-2857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2857"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2020-14773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14773"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2023-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5841"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2023-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22015"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2019-2589",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2589"
},
{
"name": "CVE-2023-22103",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22103"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2022-21418",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21418"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2021-2441",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2441"
},
{
"name": "CVE-2025-1939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1939"
},
{
"name": "CVE-2023-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21877"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2020-2921",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2921"
},
{
"name": "CVE-2021-2357",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2357"
},
{
"name": "CVE-2025-0440",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0440"
},
{
"name": "CVE-2024-21207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21207"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2025-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4091"
},
{
"name": "CVE-2025-5065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5065"
},
{
"name": "CVE-2025-0996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0996"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2019-2596",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2596"
},
{
"name": "CVE-2019-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2879"
},
{
"name": "CVE-2025-0445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0445"
},
{
"name": "CVE-2019-2630",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2630"
},
{
"name": "CVE-2025-9308",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9308"
},
{
"name": "CVE-2019-2607",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2607"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2022-21522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21522"
},
{
"name": "CVE-2024-10459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10459"
},
{
"name": "CVE-2019-2495",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2495"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2023-22026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22026"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2020-14829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14829"
},
{
"name": "CVE-2020-14576",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14576"
},
{
"name": "CVE-2022-21529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21529"
},
{
"name": "CVE-2025-37871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
},
{
"name": "CVE-2023-39017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39017"
},
{
"name": "CVE-2024-46751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
},
{
"name": "CVE-2025-0434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0434"
},
{
"name": "CVE-2022-21435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21435"
},
{
"name": "CVE-2020-14777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14777"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2019-3003",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3003"
},
{
"name": "CVE-2020-14839",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14839"
},
{
"name": "CVE-2019-3018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3018"
},
{
"name": "CVE-2021-35623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35623"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2022-21460",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21460"
},
{
"name": "CVE-2025-8881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8881"
},
{
"name": "CVE-2019-2993",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2993"
},
{
"name": "CVE-2020-2686",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2686"
},
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
},
{
"name": "CVE-2021-2170",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2170"
},
{
"name": "CVE-2022-21379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21379"
},
{
"name": "CVE-2021-2215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2215"
},
{
"name": "CVE-2020-2752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2752"
},
{
"name": "CVE-2025-4609",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4609"
},
{
"name": "CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2021-2022",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2022"
},
{
"name": "CVE-2024-10461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10461"
},
{
"name": "CVE-2022-21526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21526"
},
{
"name": "CVE-2021-2172",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2172"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2022-21528",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21528"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2021-2299",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2299"
},
{
"name": "CVE-2020-2892",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2892"
},
{
"name": "CVE-2025-5959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5959"
},
{
"name": "CVE-2024-45772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45772"
},
{
"name": "CVE-2016-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2149"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2023-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21865"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2021-35640",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35640"
},
{
"name": "CVE-2024-10464",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10464"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2020-2853",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2853"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2025-2783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2783"
},
{
"name": "CVE-2025-1414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1414"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2018-3170",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3170"
},
{
"name": "CVE-2020-2774",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2774"
},
{
"name": "CVE-2020-14771",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14771"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-3066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3066"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2019-2685",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2685"
},
{
"name": "CVE-2021-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2196"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-21197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21197"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2025-8037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8037"
},
{
"name": "CVE-2025-4918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4918"
},
{
"name": "CVE-2023-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21881"
},
{
"name": "CVE-2022-49168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
},
{
"name": "CVE-2020-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14540"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-2136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2136"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-0439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0439"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2021-2305",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2305"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-20304",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20304"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2025-4090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4090"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2022-0667",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0667"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2019-2740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2740"
},
{
"name": "CVE-2025-9180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9180"
},
{
"name": "CVE-2025-8581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8581"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-1919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1919"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2025-3030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3030"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2018-1273",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1273"
},
{
"name": "CVE-2022-21297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21297"
},
{
"name": "CVE-2023-47100",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47100"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2020-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2901"
},
{
"name": "CVE-2025-0241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0241"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2020-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2694"
},
{
"name": "CVE-2025-8034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8034"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
},
{
"name": "CVE-2025-4664",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4664"
},
{
"name": "CVE-2021-2160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2160"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2021-35596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35596"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-49710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49710"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2021-2427",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2427"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2021-35624",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35624"
},
{
"name": "CVE-2019-2819",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2819"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2024-35867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
},
{
"name": "CVE-2022-21452",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21452"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2021-2164",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2164"
},
{
"name": "CVE-2021-2374",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2374"
},
{
"name": "CVE-2020-14547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14547"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2020-14870",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14870"
},
{
"name": "CVE-2025-9182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9182"
},
{
"name": "CVE-2021-35612",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35612"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-22047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22047"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2025-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
},
{
"name": "CVE-2019-2811",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2811"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2023-21874",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21874"
},
{
"name": "CVE-2024-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
},
{
"name": "CVE-2023-43785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43785"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2019-2774",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2774"
},
{
"name": "CVE-2019-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2803"
},
{
"name": "CVE-2008-5727",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5727"
},
{
"name": "CVE-2025-1426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1426"
},
{
"name": "CVE-2025-6434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6434"
},
{
"name": "CVE-2020-14785",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14785"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2020-2760",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2760"
},
{
"name": "CVE-2025-5066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5066"
},
{
"name": "CVE-2021-2424",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2424"
},
{
"name": "CVE-2021-35604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35604"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2019-2814",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2814"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2019-2606",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2606"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2024-0760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0760"
},
{
"name": "CVE-2022-21530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21530"
},
{
"name": "CVE-2024-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11698"
},
{
"name": "CVE-2024-46816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2020-14891",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14891"
},
{
"name": "CVE-2019-2966",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2966"
},
{
"name": "CVE-2022-21415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21415"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2021-2180",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2180"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2019-2780",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2780"
},
{
"name": "CVE-2025-5064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5064"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2021-35537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35537"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2021-2385",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2385"
},
{
"name": "CVE-2019-2530",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2530"
},
{
"name": "CVE-2019-2743",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2743"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2023-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22007"
},
{
"name": "CVE-2019-2737",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2737"
},
{
"name": "CVE-2018-1000169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000169"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2023-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21878"
},
{
"name": "CVE-2024-58251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
},
{
"name": "CVE-2025-1931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1931"
},
{
"name": "CVE-2025-0612",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0612"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2021-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2194"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2025-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7656"
},
{
"name": "CVE-2024-7012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7012"
},
{
"name": "CVE-2025-0237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0237"
},
{
"name": "CVE-2019-2991",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2991"
},
{
"name": "CVE-2025-5264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5264"
},
{
"name": "CVE-2025-37927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
},
{
"name": "CVE-2020-14804",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14804"
},
{
"name": "CVE-2013-1548",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1548"
},
{
"name": "CVE-2019-2752",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2752"
},
{
"name": "CVE-2025-37911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
},
{
"name": "CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"name": "CVE-2020-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2804"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2025-5115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5115"
},
{
"name": "CVE-2025-4085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4085"
},
{
"name": "CVE-2022-21302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21302"
},
{
"name": "CVE-2021-2412",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2412"
},
{
"name": "CVE-2019-2997",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2997"
},
{
"name": "CVE-2025-3028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3028"
},
{
"name": "CVE-2019-2746",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2746"
},
{
"name": "CVE-2025-9181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9181"
},
{
"name": "CVE-2025-6192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6192"
},
{
"name": "CVE-2025-2817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2817"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2025-5268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5268"
},
{
"name": "CVE-2022-21589",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21589"
},
{
"name": "CVE-2024-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2022-21517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21517"
},
{
"name": "CVE-2019-3004",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3004"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2019-2826",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2826"
},
{
"name": "CVE-2024-53128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53128"
},
{
"name": "CVE-2024-21198",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21198"
},
{
"name": "CVE-2020-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2928"
},
{
"name": "CVE-2025-37930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
},
{
"name": "CVE-2019-2914",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2914"
},
{
"name": "CVE-2020-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14844"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2024-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-2770",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2770"
},
{
"name": "CVE-2021-35608",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35608"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2021-2201",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2201"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2008-5729",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5729"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2023-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21883"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2019-2617",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2617"
},
{
"name": "CVE-2024-21201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21201"
},
{
"name": "CVE-2021-35647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35647"
},
{
"name": "CVE-2020-14559",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14559"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2025-1932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1932"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2022-21539",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21539"
},
{
"name": "CVE-2025-3072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3072"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-0451",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0451"
},
{
"name": "CVE-2022-21440",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21440"
},
{
"name": "CVE-2023-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21977"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2020-2761",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2761"
},
{
"name": "CVE-2022-21531",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21531"
},
{
"name": "CVE-2024-10458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10458"
},
{
"name": "CVE-2024-10463",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10463"
},
{
"name": "CVE-2021-2300",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2300"
},
{
"name": "CVE-2022-21304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21304"
},
{
"name": "CVE-2024-10468",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10468"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2021-2202",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2202"
},
{
"name": "CVE-2020-14873",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14873"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-11703",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11703"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2019-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2626"
},
{
"name": "CVE-2025-1010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1010"
},
{
"name": "CVE-2022-21479",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21479"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2024-49960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2023-46129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46129"
},
{
"name": "CVE-2024-10460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10460"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2019-3009",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3009"
},
{
"name": "CVE-2021-2307",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2307"
},
{
"name": "CVE-2025-8880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8880"
},
{
"name": "CVE-2020-2679",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2679"
},
{
"name": "CVE-2019-2938",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2938"
},
{
"name": "CVE-2025-37912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
},
{
"name": "CVE-2023-22070",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22070"
},
{
"name": "CVE-2023-39810",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39810"
},
{
"name": "CVE-2021-2014",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2014"
},
{
"name": "CVE-2021-2230",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2230"
},
{
"name": "CVE-2023-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21875"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2022-21515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21515"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2020-2897",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2897"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-1920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1920"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2025-4089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4089"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2020-2574",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2574"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2020-14769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14769"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2022-21527",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21527"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-31047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31047"
},
{
"name": "CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2016-2160",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2160"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-9179",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9179"
},
{
"name": "CVE-2021-23169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23169"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2021-35635",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35635"
},
{
"name": "CVE-2025-3068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3068"
},
{
"name": "CVE-2025-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3619"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-3031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3031"
},
{
"name": "CVE-2020-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2025-1016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1016"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-4096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4096"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2021-35610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35610"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2021-2429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2429"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-11700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11700"
},
{
"name": "CVE-2024-11708",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11708"
},
{
"name": "CVE-2025-38024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
},
{
"name": "CVE-2020-2922",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2922"
},
{
"name": "CVE-2020-2660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2660"
},
{
"name": "CVE-2022-49063",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
},
{
"name": "CVE-2024-21213",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21213"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2019-2969",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2969"
},
{
"name": "CVE-2025-0247",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0247"
},
{
"name": "CVE-2025-5263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5263"
},
{
"name": "CVE-2017-12195",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12195"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-35602",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35602"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2021-2146",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2146"
},
{
"name": "CVE-2024-11701",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11701"
},
{
"name": "CVE-2023-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21872"
},
{
"name": "CVE-2025-0443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0443"
},
{
"name": "CVE-2025-1019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1019"
},
{
"name": "CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2021-35577",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35577"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2020-14869",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14869"
},
{
"name": "CVE-2021-35646",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35646"
},
{
"name": "CVE-2022-21303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21303"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2020-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2579"
},
{
"name": "CVE-2019-2778",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2778"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-4052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4052"
},
{
"name": "CVE-2025-1941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1941"
},
{
"name": "CVE-2019-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2625"
},
{
"name": "CVE-2024-21219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21219"
},
{
"name": "CVE-2025-8044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8044"
},
{
"name": "CVE-2021-35607",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35607"
},
{
"name": "CVE-2019-2957",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2957"
},
{
"name": "CVE-2019-7317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7317"
},
{
"name": "CVE-2021-35625",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35625"
},
{
"name": "CVE-2025-38005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2024-21194",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21194"
},
{
"name": "CVE-2021-2174",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2174"
},
{
"name": "CVE-2025-7657",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7657"
},
{
"name": "CVE-2019-2494",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2494"
},
{
"name": "CVE-2025-8041",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8041"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2019-2911",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2911"
},
{
"name": "CVE-2019-2802",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2802"
},
{
"name": "CVE-2022-21414",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21414"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2021-2203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2203"
},
{
"name": "CVE-2019-2536",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2536"
},
{
"name": "CVE-2025-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3620"
},
{
"name": "CVE-2021-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2208"
},
{
"name": "CVE-2019-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2923"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2024-21196",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21196"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2022-21617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21617"
},
{
"name": "CVE-2021-2422",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2422"
},
{
"name": "CVE-2020-14790",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14790"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2022-21358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21358"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-37969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
},
{
"name": "CVE-2024-21199",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21199"
},
{
"name": "CVE-2019-2967",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2967"
},
{
"name": "CVE-2018-3186",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3186"
},
{
"name": "CVE-2022-48893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
},
{
"name": "CVE-2025-6435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6435"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2024-11692",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11692"
},
{
"name": "CVE-2020-2930",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2930"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2022-21608",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21608"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2021-2354",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2354"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-5189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5189"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-8901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8901"
},
{
"name": "CVE-2025-1020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1020"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2021-2367",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2367"
},
{
"name": "CVE-2025-0446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0446"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2021-35626",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35626"
},
{
"name": "CVE-2019-2535",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2535"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2025-0435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0435"
},
{
"name": "CVE-2021-2384",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2384"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2020-14799",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14799"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2021-35632",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35632"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2019-2796",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2796"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-21342",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21342"
},
{
"name": "CVE-2023-4156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4156"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2020-14793",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14793"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-0999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0999"
},
{
"name": "CVE-2025-1921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1921"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2021-2007",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2007"
},
{
"name": "CVE-2025-37923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2025-8882",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8882"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2019-2798",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2798"
},
{
"name": "CVE-2022-0213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0213"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2020-14789",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14789"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2021-2389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2389"
},
{
"name": "CVE-2023-21840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21840"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-8577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8577"
},
{
"name": "CVE-2024-11699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11699"
},
{
"name": "CVE-2019-2789",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2789"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2020-2893",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2893"
},
{
"name": "CVE-2020-14765",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14765"
},
{
"name": "CVE-2025-3277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3277"
},
{
"name": "CVE-2018-3137",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3137"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2022-21270",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21270"
},
{
"name": "CVE-2019-2784",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2784"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2025-4087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4087"
},
{
"name": "CVE-2025-2135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2135"
},
{
"name": "CVE-2018-3286",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3286"
},
{
"name": "CVE-2021-35648",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35648"
},
{
"name": "CVE-2023-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21963"
},
{
"name": "CVE-2025-37964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37964"
},
{
"name": "CVE-2025-3033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3033"
},
{
"name": "CVE-2025-8879",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8879"
},
{
"name": "CVE-2020-14866",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14866"
},
{
"name": "CVE-2024-46742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
},
{
"name": "CVE-2024-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
},
{
"name": "CVE-2021-2437",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2437"
},
{
"name": "CVE-2025-37915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
},
{
"name": "CVE-2021-4193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4193"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2021-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2193"
},
{
"name": "CVE-2024-11395",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11395"
},
{
"name": "CVE-2020-2577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2577"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2019-2758",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2758"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2019-2810",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2810"
},
{
"name": "CVE-2024-35790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2025-2137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2137"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-5419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5419"
},
{
"name": "CVE-2021-2418",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2418"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2019-2631",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2631"
},
{
"name": "CVE-2019-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2805"
},
{
"name": "CVE-2025-37991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2023-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21866"
},
{
"name": "CVE-2021-2411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2411"
},
{
"name": "CVE-2020-2790",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2790"
},
{
"name": "CVE-2023-52572",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52572"
},
{
"name": "CVE-2019-2623",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2623"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-6557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6557"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2021-35597",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35597"
},
{
"name": "CVE-2025-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1916"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2021-2425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2425"
},
{
"name": "CVE-2025-1006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1006"
},
{
"name": "CVE-2021-2390",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2390"
},
{
"name": "CVE-2022-21553",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21553"
},
{
"name": "CVE-2022-21451",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21451"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2022-21301",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21301"
},
{
"name": "CVE-2021-2001",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2001"
},
{
"name": "CVE-2024-27402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27402"
},
{
"name": "CVE-2021-2144",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2144"
},
{
"name": "CVE-2025-8582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8582"
},
{
"name": "CVE-2022-21264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21264"
},
{
"name": "CVE-2020-14836",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14836"
},
{
"name": "CVE-2021-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3875"
},
{
"name": "CVE-2021-2444",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2444"
},
{
"name": "CVE-2025-1933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1933"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2019-2785",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2785"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2025-1942",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1942"
},
{
"name": "CVE-2025-0239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0239"
},
{
"name": "CVE-2021-2301",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2301"
},
{
"name": "CVE-2019-2797",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2797"
},
{
"name": "CVE-2020-2903",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2903"
},
{
"name": "CVE-2020-10543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10543"
},
{
"name": "CVE-2022-21362",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21362"
},
{
"name": "CVE-2021-35628",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35628"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-5265",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5265"
},
{
"name": "CVE-2024-11697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11697"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2021-4122",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4122"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2019-2686",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2686"
},
{
"name": "CVE-2021-2154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2154"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2021-2399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2399"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-3067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3067"
},
{
"name": "CVE-2020-2627",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2627"
},
{
"name": "CVE-2022-21509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21509"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2005-2541",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-2541"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2025-46394",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2023-22028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22028"
},
{
"name": "CVE-2019-2946",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2946"
},
{
"name": "CVE-2025-8578",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8578"
},
{
"name": "CVE-2020-14888",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14888"
},
{
"name": "CVE-2025-8039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8039"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2025-1011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1011"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2021-2010",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2010"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2021-35546",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35546"
},
{
"name": "CVE-2021-2298",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2298"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2025-0442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0442"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2019-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2694"
},
{
"name": "CVE-2025-8580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8580"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-1930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1930"
},
{
"name": "CVE-2020-14809",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14809"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2021-2339",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2339"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2025-0997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0997"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2020-14550",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14550"
},
{
"name": "CVE-2021-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2162"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2018-3203",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3203"
},
{
"name": "CVE-2025-0441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0441"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2022-21457",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21457"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2019-2822",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2822"
},
{
"name": "CVE-2019-2502",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2502"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2024-21212",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21212"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2021-2032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2032"
},
{
"name": "CVE-2017-8046",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8046"
},
{
"name": "CVE-2019-2801",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2801"
},
{
"name": "CVE-2024-21193",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21193"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2019-3011",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3011"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2023-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21871"
},
{
"name": "CVE-2021-2356",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2356"
},
{
"name": "CVE-2020-2926",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2926"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2020-14846",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14846"
},
{
"name": "CVE-2022-21249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21249"
},
{
"name": "CVE-2024-21241",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21241"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
},
{
"name": "CVE-2021-2171",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2171"
},
{
"name": "CVE-2019-2436",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2436"
},
{
"name": "CVE-2022-21265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21265"
},
{
"name": "CVE-2022-21254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21254"
},
{
"name": "CVE-2025-1009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1009"
},
{
"name": "CVE-2025-9185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9185"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2024-11695",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11695"
},
{
"name": "CVE-2025-6433",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6433"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2019-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2513"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2020-14827",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14827"
},
{
"name": "CVE-2025-6427",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6427"
},
{
"name": "CVE-2019-2689",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2689"
},
{
"name": "CVE-2025-6430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6430"
},
{
"name": "CVE-2019-2747",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2747"
},
{
"name": "CVE-2025-4092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4092"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2020-2904",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2904"
},
{
"name": "CVE-2019-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2998"
},
{
"name": "CVE-2024-50280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
},
{
"name": "CVE-2021-2178",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2178"
},
{
"name": "CVE-2021-35591",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35591"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-0995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0995"
},
{
"name": "CVE-2025-6429",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6429"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2022-21455",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21455"
},
{
"name": "CVE-2024-11704",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11704"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2022-21413",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21413"
},
{
"name": "CVE-2022-0635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0635"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2022-21372",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21372"
},
{
"name": "CVE-2018-3182",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3182"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2020-12723",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12723"
},
{
"name": "CVE-2023-22032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22032"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2021-35637",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35637"
},
{
"name": "CVE-2022-21595",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21595"
},
{
"name": "CVE-2025-1943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1943"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2025-5272",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5272"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2021-20298",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20298"
},
{
"name": "CVE-2023-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21887"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2019-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2624"
},
{
"name": "CVE-2021-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22055"
},
{
"name": "CVE-2020-2812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2812"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2025-6556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6556"
},
{
"name": "CVE-2025-8262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8262"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2025-1917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1917"
},
{
"name": "CVE-2022-21256",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21256"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-37970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2019-2687",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2687"
},
{
"name": "CVE-2025-8292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8292"
},
{
"name": "CVE-2025-37905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
},
{
"name": "CVE-2025-0444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0444"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2020-14845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14845"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-38094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2022-21556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21556"
},
{
"name": "CVE-2025-4372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4372"
},
{
"name": "CVE-2024-11691",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11691"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2020-2896",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2896"
},
{
"name": "CVE-2021-2410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2410"
},
{
"name": "CVE-2025-29088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29088"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2025-6426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6426"
},
{
"name": "CVE-2020-14800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14800"
},
{
"name": "CVE-2025-6558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6558"
},
{
"name": "CVE-2025-8035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8035"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-37949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2023-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21873"
},
{
"name": "CVE-2021-2308",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2308"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2022-21368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21368"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2024-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
},
{
"name": "CVE-2025-8579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8579"
},
{
"name": "CVE-2021-2402",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2402"
},
{
"name": "CVE-2024-21236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21236"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2024-11705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11705"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21863"
},
{
"name": "CVE-2020-2763",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2763"
},
{
"name": "CVE-2008-5728",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5728"
},
{
"name": "CVE-2025-6436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6436"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2020-14852",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14852"
},
{
"name": "CVE-2019-2974",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2974"
},
{
"name": "CVE-2023-21876",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21876"
},
{
"name": "CVE-2024-11702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11702"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2025-8583",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8583"
},
{
"name": "CVE-2025-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4083"
},
{
"name": "CVE-2020-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14868"
},
{
"name": "CVE-2020-14814",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14814"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2020-14837",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14837"
},
{
"name": "CVE-2019-2644",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2644"
},
{
"name": "CVE-2025-1918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1918"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2020-2589",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2589"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2021-2036",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2036"
},
{
"name": "CVE-2024-21137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21137"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-21417",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21417"
},
{
"name": "CVE-2021-2479",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2479"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2024-21239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21239"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2021-35629",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35629"
},
{
"name": "CVE-2020-2814",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2814"
},
{
"name": "CVE-2019-2922",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2922"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2025-0243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0243"
},
{
"name": "CVE-2024-26739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2025-1935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1935"
},
{
"name": "CVE-2018-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3145"
},
{
"name": "CVE-2025-6425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6425"
},
{
"name": "CVE-2025-26519",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26519"
},
{
"name": "CVE-2021-2340",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2340"
},
{
"name": "CVE-2024-35866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
},
{
"name": "CVE-2022-21437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21437"
},
{
"name": "CVE-2022-21425",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21425"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2025-3074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3074"
},
{
"name": "CVE-2022-21537",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21537"
},
{
"name": "CVE-2024-10487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10487"
},
{
"name": "CVE-2019-2580",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2580"
},
{
"name": "CVE-2023-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21867"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2022-21547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21547"
},
{
"name": "CVE-2024-49989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
},
{
"name": "CVE-2019-2587",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2587"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2025-8043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8043"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2025-5270",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5270"
},
{
"name": "CVE-2021-35627",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35627"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-36908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
},
{
"name": "CVE-2019-2910",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2910"
},
{
"name": "CVE-2020-14539",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14539"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2019-2593",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2593"
},
{
"name": "CVE-2025-37992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2023-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21869"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-1940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1940"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2020-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2019-2963",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2963"
},
{
"name": "CVE-2021-2387",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2387"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2022-21348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21348"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2020-14672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14672"
},
{
"name": "CVE-2021-2293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2293"
},
{
"name": "CVE-2025-37914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
},
{
"name": "CVE-2020-14830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14830"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2025-8010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8010"
},
{
"name": "CVE-2021-2370",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2370"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2025-4082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4082"
},
{
"name": "CVE-2021-35644",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35644"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2022-21592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21592"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-8036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8036"
},
{
"name": "CVE-2021-35631",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35631"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-1915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1915"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-8032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8032"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2019-10782",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10782"
},
{
"name": "CVE-2024-11693",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11693"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14893"
},
{
"name": "CVE-2021-35642",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35642"
},
{
"name": "CVE-2023-43787",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43787"
},
{
"name": "CVE-2019-2948",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2948"
},
{
"name": "CVE-2023-43786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43786"
},
{
"name": "CVE-2021-2278",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2278"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2019-2924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2924"
},
{
"name": "CVE-2025-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3608"
},
{
"name": "CVE-2021-2226",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2226"
},
{
"name": "CVE-2021-25214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25214"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2020-2779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2779"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2023-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21836"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2025-6432",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6432"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2024-50258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50258"
},
{
"name": "CVE-2021-2342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2342"
},
{
"name": "CVE-2025-3029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3029"
},
{
"name": "CVE-2025-1934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1934"
},
{
"name": "CVE-2020-28500",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28500"
},
{
"name": "CVE-2020-14794",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14794"
},
{
"name": "CVE-2019-2634",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2634"
},
{
"name": "CVE-2025-3034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3034"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2023-22078",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22078"
},
{
"name": "CVE-2020-14786",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14786"
},
{
"name": "CVE-2023-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21870"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2025-9187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9187"
},
{
"name": "CVE-2021-35638",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35638"
},
{
"name": "CVE-2022-21534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21534"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-9183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9183"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2008-5742",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5742"
},
{
"name": "CVE-2024-10466",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10466"
},
{
"name": "CVE-2021-20193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20193"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2019-2533",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2533"
},
{
"name": "CVE-2025-4050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4050"
},
{
"name": "CVE-2025-37998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2020-14828",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14828"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"name": "CVE-2020-2759",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2759"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-1937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1937"
},
{
"name": "CVE-2020-14812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14812"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2025-9184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9184"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2025-1014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1014"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1013"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2023-21879",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21879"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-0762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0762"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-11694",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11694"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2020-2573",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2573"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2022-21444",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21444"
},
{
"name": "CVE-2025-1018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1018"
},
{
"name": "CVE-2020-2806",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2806"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2025-38009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2020-14838",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14838"
},
{
"name": "CVE-2019-2791",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2791"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2024-2397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2397"
},
{
"name": "CVE-2022-21378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21378"
},
{
"name": "CVE-2025-8040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8040"
},
{
"name": "CVE-2024-10465",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10465"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-5068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5068"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2019-2815",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2815"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2021-2440",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2440"
},
{
"name": "CVE-2025-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
},
{
"name": "CVE-2019-2695",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2695"
},
{
"name": "CVE-2021-35634",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35634"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2021-2304",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2304"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2021-2179",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2179"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2018-3285",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3285"
},
{
"name": "CVE-2019-2738",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2738"
},
{
"name": "CVE-2025-1017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1017"
},
{
"name": "CVE-2020-14821",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14821"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2021-2169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2169"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2023-22084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22084"
},
{
"name": "CVE-2020-2572",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2572"
},
{
"name": "CVE-2020-2570",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2570"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2021-2060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2060"
},
{
"name": "CVE-2021-2417",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2417"
},
{
"name": "CVE-2025-3035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3035"
},
{
"name": "CVE-2025-37994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
},
{
"name": "CVE-2025-7339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7339"
},
{
"name": "CVE-2018-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3212"
},
{
"name": "CVE-2020-2895",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2895"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21569",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21569"
},
{
"name": "CVE-2020-2925",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2925"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2019-2636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2636"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-6424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6424"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2021-35622",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35622"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-1914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1914"
},
{
"name": "CVE-2025-8029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8029"
},
{
"name": "CVE-2025-5067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5067"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2021-2212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2212"
},
{
"name": "CVE-2019-2691",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2691"
},
{
"name": "CVE-2021-2232",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2232"
},
{
"name": "CVE-2019-2812",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2812"
},
{
"name": "CVE-2025-9132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9132"
},
{
"name": "CVE-2021-35643",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35643"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-2478",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2478"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
},
{
"name": "CVE-2020-16156",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16156"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-8038",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8038"
},
{
"name": "CVE-2022-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21344"
},
{
"name": "CVE-2021-2481",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2481"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2019-2739",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2739"
},
{
"name": "CVE-2015-2214",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2214"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2019-2968",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2968"
},
{
"name": "CVE-2023-22053",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22053"
},
{
"name": "CVE-2025-0438",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0438"
},
{
"name": "CVE-2021-25219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25219"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2020-14776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14776"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2022-21367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21367"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2019-2688",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2688"
},
{
"name": "CVE-2020-14860",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14860"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2023-4320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4320"
},
{
"name": "CVE-2025-1922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1922"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2025-0437",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0437"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2025-8028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8028"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2025-49709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49709"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2024-11706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11706"
},
{
"name": "CVE-2025-4051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4051"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2017-12629",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12629"
},
{
"name": "CVE-2021-35645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35645"
},
{
"name": "CVE-2020-2780",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2780"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2025-5063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5063"
},
{
"name": "CVE-2018-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3195"
},
{
"name": "CVE-2025-3071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3071"
},
{
"name": "CVE-2024-50073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50073"
},
{
"name": "CVE-2020-14567",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14567"
},
{
"name": "CVE-2019-2539",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2539"
},
{
"name": "CVE-2022-21525",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21525"
},
{
"name": "CVE-2025-37990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
},
{
"name": "CVE-2022-21352",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21352"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-8011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8011"
},
{
"name": "CVE-2025-0436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0436"
},
{
"name": "CVE-2023-22114",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22114"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-0447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0447"
},
{
"name": "CVE-2021-2213",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2213"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2024-21209",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21209"
},
{
"name": "CVE-2025-8033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8033"
},
{
"name": "CVE-2021-22570",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22570"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
},
{
"name": "CVE-2023-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22097"
},
{
"name": "CVE-2020-2765",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2765"
},
{
"name": "CVE-2020-14791",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14791"
},
{
"name": "CVE-2023-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21880"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-8030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8030"
},
{
"name": "CVE-2024-11696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11696"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21912"
},
{
"name": "CVE-2008-5730",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5730"
},
{
"name": "CVE-2021-2217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2217"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2025-3073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3073"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2019-9658",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9658"
},
{
"name": "CVE-2025-6191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6191"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-21454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21454"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2018-1196",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1196"
},
{
"name": "CVE-2022-21427",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21427"
},
{
"name": "CVE-2024-35943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
},
{
"name": "CVE-2025-5271",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5271"
},
{
"name": "CVE-2022-21374",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21374"
},
{
"name": "CVE-2021-35630",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35630"
},
{
"name": "CVE-2025-6554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6554"
},
{
"name": "CVE-2025-5266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5266"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-52757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2020-14553",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14553"
},
{
"name": "CVE-2025-8031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8031"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2022-21462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21462"
},
{
"name": "CVE-2019-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2584"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2019-2635",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2635"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2022-21478",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21478"
},
{
"name": "CVE-2025-29087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29087"
},
{
"name": "CVE-2019-2693",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2693"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2019-2741",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2741"
},
{
"name": "CVE-2025-46392",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46392"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2022-21370",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21370"
},
{
"name": "CVE-2021-2372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2372"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2426"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-1936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1936"
},
{
"name": "CVE-2025-5958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5958"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2019-2950",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2950"
},
{
"name": "CVE-2025-0238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0238"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2021-35641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35641"
},
{
"name": "CVE-2025-2476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2476"
},
{
"name": "CVE-2019-2620",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2620"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-21588",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21588"
},
{
"name": "CVE-2019-2960",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2960"
},
{
"name": "CVE-2025-0998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0998"
},
{
"name": "CVE-2022-21459",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21459"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-37909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
},
{
"name": "CVE-2019-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2795"
},
{
"name": "CVE-2021-2011",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2011"
},
{
"name": "CVE-2022-21412",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21412"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2022-21245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21245"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2020-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2584"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2023-42366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
},
{
"name": "CVE-2019-2834",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2834"
},
{
"name": "CVE-2020-14775",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14775"
},
{
"name": "CVE-2022-21438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21438"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2020-14760",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14760"
},
{
"name": "CVE-2021-2383",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2383"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2022-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21546"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2025-1923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1923"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2021-2166",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2166"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2022-21339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21339"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1938"
},
{
"name": "CVE-2023-22059",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22059"
},
{
"name": "CVE-2020-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2923"
},
{
"name": "CVE-2025-4919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4919"
},
{
"name": "CVE-2019-2681",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2681"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-0240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0240"
},
{
"name": "CVE-2023-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22066"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2019-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2757"
},
{
"name": "CVE-2020-14848",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14848"
},
{
"name": "CVE-2018-3280",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3280"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2020-2924",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2924"
},
{
"name": "CVE-2025-8576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8576"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-1012",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1012"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2025-5267",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5267"
},
{
"name": "CVE-2022-27772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27772"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2025-6555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6555"
},
{
"name": "CVE-2022-0396",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0396"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2025-0245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0245"
},
{
"name": "CVE-2019-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2830"
},
{
"name": "CVE-2021-35633",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35633"
},
{
"name": "CVE-2024-10462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10462"
},
{
"name": "CVE-2023-22068",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22068"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2020-14867",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14867"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0756",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36093",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36093"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36102",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36102"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36101",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36101"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36100",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36100"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36105",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36105"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36091",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36091"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36078",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36078"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36107",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36107"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36094",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36094"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36097",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36097"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-46",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36104"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36108",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36108"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36095",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36095"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-09",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36090"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36096",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36096"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36106",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36106"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36109",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36109"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36098",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36098"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36111"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36103",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36103"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36099",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36099"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36092",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36092"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36110",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36110"
}
]
}
CERTFR-2025-AVI-0855
Vulnerability from certfr_avis - Published: 2025-10-09 - Updated: 2025-10-09
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS | Junos OS versions 24.4 antérieures à 24.4R2 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 22.4R3-S8-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions 23.4 antérieures à 23.4R2-S5 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S4-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 22.4R3-S8 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 24.2-EVO antérieures à 24.2R2-S2-EVO | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 24.4-EVO antérieures à 24.4R2-EVO | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 24.1R4 | ||
| Juniper Networks | Security Director | Security Director Policy Enforcer versions antérieures à 23.1R1 Hotpatch v3 | ||
| Juniper Networks | Junos Space | Junos Space Security Director versions antérieures à 24.1R4 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 23.4-EVO antérieures à 23.4R2-S5-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions 23.2 antérieures à 23.2R2-S4 | ||
| Juniper Networks | Junos OS | Junos OS versions 24.2 antérieures à 24.2R2-S1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS versions 24.4 ant\u00e9rieures \u00e0 24.4R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 22.4R3-S8-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R2-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-S4-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 22.4R3-S8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 24.2-EVO ant\u00e9rieures \u00e0 24.2R2-S2-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 24.4-EVO ant\u00e9rieures \u00e0 24.4R2-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 24.1R4",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Security Director Policy Enforcer versions ant\u00e9rieures \u00e0 23.1R1 Hotpatch v3",
"product": {
"name": "Security Director",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space Security Director versions ant\u00e9rieures \u00e0 24.1R4",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R2-S5-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.2 ant\u00e9rieures \u00e0 23.2R2-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 24.2 ant\u00e9rieures \u00e0 24.2R2-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-24795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24795"
},
{
"name": "CVE-2024-36903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36903"
},
{
"name": "CVE-2023-44431",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44431"
},
{
"name": "CVE-2021-47606",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47606"
},
{
"name": "CVE-2025-59993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59993"
},
{
"name": "CVE-2025-59997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59997"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2025-59995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59995"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2023-28466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28466"
},
{
"name": "CVE-2024-36921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36921"
},
{
"name": "CVE-2025-59986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59986"
},
{
"name": "CVE-2025-60009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60009"
},
{
"name": "CVE-2025-59989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59989"
},
{
"name": "CVE-2024-26897",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26897"
},
{
"name": "CVE-2023-46103",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46103"
},
{
"name": "CVE-2024-27052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27052"
},
{
"name": "CVE-2023-2235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2235"
},
{
"name": "CVE-2025-59999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59999"
},
{
"name": "CVE-2025-59994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59994"
},
{
"name": "CVE-2024-4076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4076"
},
{
"name": "CVE-2025-59967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59967"
},
{
"name": "CVE-2022-24805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24805"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2023-3390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3390"
},
{
"name": "CVE-2024-37356",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37356"
},
{
"name": "CVE-2024-47538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47538"
},
{
"name": "CVE-2023-4004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4004"
},
{
"name": "CVE-2024-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21823"
},
{
"name": "CVE-2025-59991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59991"
},
{
"name": "CVE-2024-5564",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5564"
},
{
"name": "CVE-2024-26600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26600"
},
{
"name": "CVE-2023-28746",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28746"
},
{
"name": "CVE-2023-52864",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52864"
},
{
"name": "CVE-2025-26600",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26600"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2024-36929",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36929"
},
{
"name": "CVE-2023-35788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
},
{
"name": "CVE-2025-59982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59982"
},
{
"name": "CVE-2024-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
},
{
"name": "CVE-2023-43785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43785"
},
{
"name": "CVE-2024-30205",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30205"
},
{
"name": "CVE-2018-17247",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17247"
},
{
"name": "CVE-2025-60004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60004"
},
{
"name": "CVE-2023-51594",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51594"
},
{
"name": "CVE-2024-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22025"
},
{
"name": "CVE-2023-50229",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50229"
},
{
"name": "CVE-2025-59974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59974"
},
{
"name": "CVE-2025-26598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26598"
},
{
"name": "CVE-2018-3824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3824"
},
{
"name": "CVE-2024-40928",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40928"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2024-36020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36020"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2025-59981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59981"
},
{
"name": "CVE-2023-31248",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31248"
},
{
"name": "CVE-2024-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2024-30203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30203"
},
{
"name": "CVE-2023-3090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3090"
},
{
"name": "CVE-2024-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35937"
},
{
"name": "CVE-2025-59968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59968"
},
{
"name": "CVE-2023-51592",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51592"
},
{
"name": "CVE-2025-59990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59990"
},
{
"name": "CVE-2021-22146",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22146"
},
{
"name": "CVE-2025-59978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59978"
},
{
"name": "CVE-2024-25629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25629"
},
{
"name": "CVE-2024-36017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36017"
},
{
"name": "CVE-2024-24806",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24806"
},
{
"name": "CVE-2024-27434",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27434"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2024-35852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35852"
},
{
"name": "CVE-2024-38558",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38558"
},
{
"name": "CVE-2025-59992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59992"
},
{
"name": "CVE-2024-35845",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35845"
},
{
"name": "CVE-2021-41072",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41072"
},
{
"name": "CVE-2025-60000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60000"
},
{
"name": "CVE-2022-24807",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24807"
},
{
"name": "CVE-2024-47607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47607"
},
{
"name": "CVE-2024-27065",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27065"
},
{
"name": "CVE-2024-36005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36005"
},
{
"name": "CVE-2023-45866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45866"
},
{
"name": "CVE-2023-27349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27349"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2015-5377",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5377"
},
{
"name": "CVE-2023-48161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48161"
},
{
"name": "CVE-2022-24810",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24810"
},
{
"name": "CVE-2024-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33621"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2025-60001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60001"
},
{
"name": "CVE-2024-5742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5742"
},
{
"name": "CVE-2023-50230",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50230"
},
{
"name": "CVE-2025-52960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52960"
},
{
"name": "CVE-2024-36922",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36922"
},
{
"name": "CVE-2025-59996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59996"
},
{
"name": "CVE-2024-39487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39487"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2023-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38575"
},
{
"name": "CVE-2024-35911",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35911"
},
{
"name": "CVE-2025-59957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59957"
},
{
"name": "CVE-2025-59958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59958"
},
{
"name": "CVE-2021-41043",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41043"
},
{
"name": "CVE-2018-17244",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17244"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-26597",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26597"
},
{
"name": "CVE-2024-36971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2023-3776",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
},
{
"name": "CVE-2024-42934",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42934"
},
{
"name": "CVE-2023-51580",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51580"
},
{
"name": "CVE-2024-35848",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35848"
},
{
"name": "CVE-2024-27417",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27417"
},
{
"name": "CVE-2023-21102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21102"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-59983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59983"
},
{
"name": "CVE-2024-36941",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36941"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2024-35969",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35969"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2025-60006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60006"
},
{
"name": "CVE-2024-36489",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36489"
},
{
"name": "CVE-2015-1427",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1427"
},
{
"name": "CVE-2024-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38575"
},
{
"name": "CVE-2024-35899",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35899"
},
{
"name": "CVE-2024-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35823"
},
{
"name": "CVE-2024-40954",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40954"
},
{
"name": "CVE-2024-9632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9632"
},
{
"name": "CVE-2023-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
},
{
"name": "CVE-2025-26595",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26595"
},
{
"name": "CVE-2024-26868",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26868"
},
{
"name": "CVE-2023-43787",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43787"
},
{
"name": "CVE-2023-43786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43786"
},
{
"name": "CVE-2024-8235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8235"
},
{
"name": "CVE-2023-4147",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4147"
},
{
"name": "CVE-2025-59977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59977"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2023-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3610"
},
{
"name": "CVE-2025-26596",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26596"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2022-48622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48622"
},
{
"name": "CVE-2021-42550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42550"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2024-26828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26828"
},
{
"name": "CVE-2025-59998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59998"
},
{
"name": "CVE-2024-26808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26808"
},
{
"name": "CVE-2024-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30204"
},
{
"name": "CVE-2025-60002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60002"
},
{
"name": "CVE-2023-35001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
},
{
"name": "CVE-2024-27282",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27282"
},
{
"name": "CVE-2018-3831",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3831"
},
{
"name": "CVE-2023-43490",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43490"
},
{
"name": "CVE-2025-59976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59976"
},
{
"name": "CVE-2025-59980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59980"
},
{
"name": "CVE-2025-26599",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26599"
},
{
"name": "CVE-2024-47615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47615"
},
{
"name": "CVE-2018-3823",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3823"
},
{
"name": "CVE-2023-22655",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22655"
},
{
"name": "CVE-2024-6126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6126"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2023-39368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39368"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2024-26853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26853"
},
{
"name": "CVE-2025-59975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59975"
},
{
"name": "CVE-2025-0624",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0624"
},
{
"name": "CVE-2025-59987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59987"
},
{
"name": "CVE-2024-40958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40958"
},
{
"name": "CVE-2018-3826",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3826"
},
{
"name": "CVE-2025-26601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26601"
},
{
"name": "CVE-2024-52337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52337"
},
{
"name": "CVE-2025-59985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59985"
},
{
"name": "CVE-2025-11198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11198"
},
{
"name": "CVE-2022-24806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24806"
},
{
"name": "CVE-2023-32233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
},
{
"name": "CVE-2024-35789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35789"
},
{
"name": "CVE-2024-26327",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26327"
},
{
"name": "CVE-2015-3253",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3253"
},
{
"name": "CVE-2025-59964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59964"
},
{
"name": "CVE-2025-59988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59988"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2023-45733",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45733"
},
{
"name": "CVE-2021-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40153"
},
{
"name": "CVE-2024-6655",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6655"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2024-27049",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27049"
},
{
"name": "CVE-2025-59984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59984"
},
{
"name": "CVE-2025-52961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52961"
},
{
"name": "CVE-2023-51589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51589"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2021-3903",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3903"
},
{
"name": "CVE-2024-35800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35800"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
},
{
"name": "CVE-2023-51596",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51596"
},
{
"name": "CVE-2025-60010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60010"
},
{
"name": "CVE-2023-51764",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51764"
},
{
"name": "CVE-2025-26594",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26594"
},
{
"name": "CVE-2024-6409",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6409"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2022-24808",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24808"
},
{
"name": "CVE-2025-59962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59962"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"name": "CVE-2024-40961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40961"
}
],
"initial_release_date": "2025-10-09T00:00:00",
"last_revision_date": "2025-10-09T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0855",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103140",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Multiple-XSS-vulnerabilities-resolved-in-24-1R4-release"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103141",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R4-release"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103163",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-Multiple-OS-command-injection-vulnerabilities-fixed-CVE-2025-60006"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103168",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Device-allows-login-for-user-with-expired-password-CVE-2025-60010"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103171",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Reflected-client-side-HTTP-parameter-pollution-vulnerability-in-web-interface-CVE-2025-59977"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103167",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-When-a-user-with-the-name-ftp-or-anonymous-is-configured-unauthenticated-filesystem-access-is-allowed-CVE-2025-59980"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103156",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-ACX7024-ACX7024X-ACX7100-32C-ACX7100-48L-ACX7348-ACX7509-When-specific-valid-multicast-traffic-is-received-on-the-L3-interface-a-vulnerable-device-evo-pfemand-crashes-and-restarts-CVE-2025-59967"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103437",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Security-Director-Policy-Enforcer-An-unrestricted-API-allows-a-network-based-unauthenticated-attacker-to-deploy-malicious-vSRX-images-to-VMWare-NSX-Server-CVE-2025-11198"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103172",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Flooding-device-with-inbound-API-calls-leads-to-WebUI-and-CLI-management-access-DoS-CVE-2025-59975"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103157",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Juniper-Security-Director-Insufficient-authorization-for-sensitive-resources-in-web-interface-CVE-2025-59968"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103170",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Arbitrary-file-download-vulnerability-in-web-interface-CVE-2025-59976"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103139",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-24-1R4"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103151",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-BGP-sharding-enabled-change-in-indirect-next-hop-can-cause-RPD-crash-CVE-2025-59962"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103153",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-SRX4700-When-forwarding-options-sampling-is-enabled-any-traffic-destined-to-the-RE-will-cause-the-forwarding-line-card-to-crash-and-restart-CVE-2025-59964"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103147",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-When-firewall-filter-rejects-traffic-these-packets-are-erroneously-sent-to-the-RE-CVE-2025-59958"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103144",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-except-PTX10003-An-unauthenticated-adjacent-attacker-sending-specific-valid-traffic-can-cause-a-memory-leak-in-cfmman-leading-to-FPC-crash-and-restart-CVE-2025-52961"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103143",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-Receipt-of-specific-SIP-packets-in-a-high-utilization-situation-causes-a-flowd-crash-CVE-2025-52960"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103146",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-EX4600-Series-and-QFX5000-Series-An-attacker-with-physical-access-can-open-a-persistent-backdoor-CVE-2025-59957"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103138",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-24-1R4-by-upgrading-Log4j-Java-library-to-2-23-1-and-ElasticSearch-to-6-8-17"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103165",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Specific-BGP-EVPN-update-message-causes-rpd-crash-CVE-2025-60004"
}
]
}
CERTFR-2022-AVI-526
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Db2 | IBM Db2 versions 11.5.x antérieures à 11.5.7 sans le dernier correctif de sécurité | ||
| IBM | Db2 | IBM Db2 versions 10.5.x antérieures à 10.5 FP11 | ||
| IBM | Db2 | IBM Db2 versions 11.1.x antérieures à 11.1.4 FP6 | ||
| IBM | Db2 | IBM Db2 versions 11.5.x antérieures à 11.5.6 sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Db2 versions 11.5.x ant\u00e9rieures \u00e0 11.5.7 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 versions 10.5.x ant\u00e9rieures \u00e0 10.5 FP11",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 versions 11.1.x ant\u00e9rieures \u00e0 11.1.4 FP6",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 versions 11.5.x ant\u00e9rieures \u00e0 11.5.6 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-526",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-06-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, une ex\u00e9cution de code\narbitraire et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6528672 du 06 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6528672"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6528678 du 07 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6528678"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6526462 du 06 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6526462"
}
]
}
CERTFR-2022-AVI-717
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Schneider. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | Eurotherm Data Reviewer3.0.2 software versions antérieures 4.0.0 | ||
| N/A | N/A | Modicon Momentum MDI (171CBU*) toutes versions | ||
| Schneider Electric | N/A | EcoStruxure Control Expert versions antérieures à 15.2 | ||
| Symfony | process | EcoStruxure Process Expert versions antérieures à 2021 | ||
| N/A | N/A | Modicon M580 CPU (BMEP* et BMEH*) versions antérieures à 4.01 | ||
| Schneider Electric | N/A | Legacy Modicon Quantum toutes versions | ||
| N/A | N/A | OPC UA Modicon Communication Module (BMENUA0100) versions antérieures à 2.01 | ||
| Schneider Electric | N/A | Modicon MC80 (BMKC80) toutes versions | ||
| Schneider Electric | Modicon M340 | Modicon M340 CPU (BMXP34*) versions antérieures 3.50 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Eurotherm Data Reviewer3.0.2 software versions ant\u00e9rieures 4.0.0",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Modicon Momentum MDI (171CBU*) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "EcoStruxure Control Expert versions ant\u00e9rieures \u00e0 15.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "EcoStruxure Process Expert versions ant\u00e9rieures \u00e0 2021",
"product": {
"name": "process",
"vendor": {
"name": "Symfony",
"scada": false
}
}
},
{
"description": "Modicon M580 CPU (BMEP* et BMEH*) versions ant\u00e9rieures \u00e0 4.01",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Legacy Modicon Quantum toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "OPC UA Modicon Communication Module (BMENUA0100) versions ant\u00e9rieures \u00e0 2.01",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Modicon MC80 (BMKC80) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon M340 CPU (BMXP34*) versions ant\u00e9rieures 3.50",
"product": {
"name": "Modicon M340",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-6846",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6846"
},
{
"name": "CVE-2022-34760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34760"
},
{
"name": "CVE-2020-35198",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35198"
},
{
"name": "CVE-2021-22791",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22791"
},
{
"name": "CVE-2022-34762",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34762"
},
{
"name": "CVE-2019-6841",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6841"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2021-22779",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22779"
},
{
"name": "CVE-2021-22781",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22781"
},
{
"name": "CVE-2021-22780",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22780"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2021-22790",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22790"
},
{
"name": "CVE-2022-37302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37302"
},
{
"name": "CVE-2022-34761",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34761"
},
{
"name": "CVE-2022-34759",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34759"
},
{
"name": "CVE-2022-37301",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37301"
},
{
"name": "CVE-2018-7241",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7241"
},
{
"name": "CVE-2021-22786",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22786"
},
{
"name": "CVE-2018-7242",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7242"
},
{
"name": "CVE-2019-6844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6844"
},
{
"name": "CVE-2019-6842",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6842"
},
{
"name": "CVE-2021-22782",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22782"
},
{
"name": "CVE-2021-22778",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22778"
},
{
"name": "CVE-2022-34764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34764"
},
{
"name": "CVE-2022-34763",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34763"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2022-37300",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37300"
},
{
"name": "CVE-2021-22789",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22789"
},
{
"name": "CVE-2019-6847",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6847"
},
{
"name": "CVE-2022-34765",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34765"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2021-22792",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22792"
},
{
"name": "CVE-2019-6843",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6843"
},
{
"name": "CVE-2018-7240",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7240"
},
{
"name": "CVE-2011-4859",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4859"
},
{
"name": "CVE-2020-28895",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28895"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2020-12525",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12525"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-717",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-08-09T00:00:00.000000"
},
{
"description": "Mise \u00e0 jour des liens",
"revision_date": "2022-08-22T00:00:00.000000"
},
{
"description": "Mise \u00e0 jour des liens des bulletins de s\u00e9curit\u00e9 Schneider SEVD-2022-221-01, SEVD-2022-221-02 et SEVD-2022-221-04 du 9 ao\u00fbt 2022.",
"revision_date": "2022-09-08T00:00:00.000000"
},
{
"description": "Ajout du libell\u00e9 [SCADA] dans le titre.",
"revision_date": "2022-09-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SESB-2021-347-01 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SESB-2021-347-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SESB-2021-347-01_Apache_Log4j_Log4Shell_Vulnerabilities_Security_Notification_V14.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2019-281-02 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2019-281-02\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2019-281-02_Modicon_Controllers_Security_Notification_V3.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-221-01 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-221-01_EcoStruxure_Control_Expert_Modicon580_Security_Notification_V1.1.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-193-01 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-193-01_OPC_UA_X80_Advanced_RTU_Modicon_Communication_Modules_Security_Notification_V3.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-313-05 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-313-05_Badalloc_Vulnerabilities_Security_Notification_V10.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-221-03 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-03\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-221-03_EcoStruxure_Control_Expert_Security_Notification.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-221-02 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-02\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-221-02_Modicon_Controllers_Security_Notification_V1.1.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2018-081-01 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2018-081-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2018-081-01_Embedded_FTP_Servers_for_Modicon_PAC_Controllers_Security_Notification_V3.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-222-04 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-222-04_Modicon_PAC_Controllers_PLC_Simulator_Control_Expert_Process_Expert_Security_Notification_V2.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-194-01 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-194-01_EcoStruxure_Control_Expert_Process_Expert_SCADAPack_RemoteConnect_Modicon_M580_M340_Security_Notifcation_V4.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-221-04 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification_V1.1.pdf"
}
]
}
CERTFR-2022-AVI-366
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Oracle PeopleSoft. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | PeopleSoft | PeopleSoft Enterprise PRTL Interaction Hub version 9.1 | ||
| Oracle | PeopleSoft | PeopleSoft Enterprise PeopleTools version 8.58 | ||
| Oracle | PeopleSoft | PeopleSoft Enterprise PeopleTools version 8.59 | ||
| Oracle | PeopleSoft | PeopleSoft Enterprise CS Academic Advisement version 9.2 | ||
| Oracle | PeopleSoft | PeopleSoft Enterprise FIN Cash Management version 9.2 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "PeopleSoft Enterprise PRTL Interaction Hub version 9.1",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "PeopleSoft Enterprise PeopleTools version 8.58",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "PeopleSoft Enterprise PeopleTools version 8.59",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "PeopleSoft Enterprise CS Academic Advisement version 9.2",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "PeopleSoft Enterprise FIN Cash Management version 9.2",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-21470",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21470"
},
{
"name": "CVE-2021-40690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40690"
},
{
"name": "CVE-2022-21447",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21447"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2022-21458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21458"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2021-37714",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37714"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2021-44533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44533"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2021-41165",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41165"
},
{
"name": "CVE-2022-21450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21450"
},
{
"name": "CVE-2021-3518",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3518"
},
{
"name": "CVE-2022-21481",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21481"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-366",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-04-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle PeopleSoft.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni\nde service \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle PeopleSoft",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle verbose cpuapr2022 du 19 avril 2022",
"url": "https://www.oracle.com/security-alerts/cpuapr2022verbose.html#PS"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2022 du 19 avril 2022",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixPS"
}
]
}
CERTFR-2022-AVI-345
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SAP | NetWeaver Application Server pour ABAP | SAP NetWeaver Application Server pour ABAP (Kernel) et ABAP Platform (Kernel) versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49 | ||
| SAP | NetWeaver Application Server ABAP et ABAP Platform | SAP NetWeaver Application Server ABAP et ABAP Platform versions 700, 710, 711, 730, 731, 740 et 750-756 | ||
| SAP | N/A | SAP Web Dispatcher versions 7.22, 7.49, 7.53, 7.77, 7.81 et 7.83 | ||
| SAP | N/A | SAPS/4HANA(Supplier Factsheet et Enterprise Search pour Business Partner, Supplier et Customer) versions 104, 105 et 106 | ||
| SAP | N/A | SAP Content Server version 7.53 | ||
| SAP | N/A | SAP SQL Anywhere Server version 17.0 | ||
| SAP | N/A | SAP Web Dispatcher versions 7.49, 7.53, 7.77, 7.81, 7.85, 7.22EXT, 7.86 et 7.87 | ||
| SAP | N/A | SAPUI5, versions 750, 753, 754, 755, 756 et 200 | ||
| SAP | N/A | SAP Manufacturing Integration et Intelligence versions 15.1, 15.2, 15.3 et 15.4 | ||
| SAP | N/A | SAP Powerdesigner Web Portal version 16.7 | ||
| SAP | N/A | SAP Customer Checkout_SVR version 2.0 | ||
| SAP | N/A | SAP NetWeaver (Internet Communication Manager versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85 et 7.86 | ||
| SAP | N/A | SAP Business Client version 6.5 | ||
| SAP | N/A | SAP NetWeaver Application Server pour Java Version 7.50 | ||
| SAP | N/A | SAP Customer Checkout version 2.0 | ||
| SAP | SAP BusinessObjects Business Intelligence | SAP BusinessObjects Business Intelligence Platform versions 420 et 430 | ||
| SAP | N/A | SAP Focused Run (Simple Diagnostics Agent) version 1.0 | ||
| SAP | N/A | SAP 3D Visual Enterprise Viewer version 9 | ||
| SAP | NetWeaver Enterprise Portal | SAP NetWeaver Enterprise Portal versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50 | ||
| SAP | N/A | SAP Fiori Launchpad versions 54, 755 et 756 | ||
| SAP | N/A | SAP NetWeaver (EP Web Page Composer) versions 7.20, 7.30, 7.31, 7.40 et 7.50 | ||
| SAP | N/A | SAP Web Dispatcher versions 7.53, 7.77, 7.81, 7.85 et 7.86 | ||
| SAP | N/A | SAP Commerce versions 905, 2005, 2105 et 2011 | ||
| SAP | N/A | SAP Innovation Management version 2 | ||
| SAP | N/A | SAP BusinessObjects Enterprise (Central Management Server) versions 420 et 430 | ||
| SAP | SAP BusinessObjects Business Intelligence | SAP BusinessObjects Business Intelligence Platform (BI Workspace) version 420 | ||
| SAP | NetWeaver et ABAP | SAP NetWeaver et ABAP Platform versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49 | ||
| SAP | N/A | SAPUI5 (vbm library) versions 750, 753, 754, 755 et 756 | ||
| SAP | N/A | SAP NetWeaver Application Server Java versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49 et 7.53 | ||
| SAP | N/A | SAP NetWeaver (Internet Communication Manager) versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85 et 7.86 | ||
| SAP | N/A | SAP HANA Extended Application Services version 1 | ||
| SAP | N/A | SAP NetWeaver ABAP Server et ABAP Platform versions 740, 750 et 787 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SAP NetWeaver Application Server pour ABAP (Kernel) et ABAP Platform (Kernel) versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49",
"product": {
"name": "NetWeaver Application Server pour ABAP",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Application Server ABAP et ABAP Platform versions 700, 710, 711, 730, 731, 740 et 750-756",
"product": {
"name": "NetWeaver Application Server ABAP et ABAP Platform",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Web Dispatcher versions 7.22, 7.49, 7.53, 7.77, 7.81 et 7.83",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAPS/4HANA(Supplier Factsheet et Enterprise Search pour Business Partner, Supplier et Customer) versions 104, 105 et 106",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Content Server version 7.53",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP SQL Anywhere Server version 17.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Web Dispatcher versions 7.49, 7.53, 7.77, 7.81, 7.85, 7.22EXT, 7.86 et 7.87",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAPUI5, versions 750, 753, 754, 755, 756 et 200",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Manufacturing Integration et Intelligence versions 15.1, 15.2, 15.3 et 15.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Powerdesigner Web Portal version 16.7",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Customer Checkout_SVR version 2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver (Internet Communication Manager versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85 et 7.86",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Business Client version 6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Application Server pour Java Version 7.50",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Customer Checkout version 2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP BusinessObjects Business Intelligence Platform versions 420 et 430",
"product": {
"name": "SAP BusinessObjects Business Intelligence",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Focused Run (Simple Diagnostics Agent) version 1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP 3D Visual Enterprise Viewer version 9",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Enterprise Portal versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50",
"product": {
"name": "NetWeaver Enterprise Portal",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Fiori Launchpad versions 54, 755 et 756",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver (EP Web Page Composer) versions 7.20, 7.30, 7.31, 7.40 et 7.50",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Web Dispatcher versions 7.53, 7.77, 7.81, 7.85 et 7.86",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Commerce versions 905, 2005, 2105 et 2011",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Innovation Management version 2",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP BusinessObjects Enterprise (Central Management Server) versions 420 et 430",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP BusinessObjects Business Intelligence Platform (BI Workspace) version 420",
"product": {
"name": "SAP BusinessObjects Business Intelligence",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver et ABAP Platform versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49",
"product": {
"name": "NetWeaver et ABAP",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAPUI5 (vbm library) versions 750, 753, 754, 755 et 756",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Application Server Java versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49 et 7.53",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver (Internet Communication Manager) versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85 et 7.86",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP HANA Extended Application Services version 1",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver ABAP Server et ABAP Platform versions 740, 750 et 787",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2022-27654",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27654"
},
{
"name": "CVE-2022-22545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22545"
},
{
"name": "CVE-2022-0613",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0613"
},
{
"name": "CVE-2022-26106",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26106"
},
{
"name": "CVE-2022-22543",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22543"
},
{
"name": "CVE-2022-28772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28772"
},
{
"name": "CVE-2022-22536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22536"
},
{
"name": "CVE-2022-23181",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23181"
},
{
"name": "CVE-2022-26107",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26107"
},
{
"name": "CVE-2022-28214",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28214"
},
{
"name": "CVE-2022-27667",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27667"
},
{
"name": "CVE-2022-28216",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28216"
},
{
"name": "CVE-2022-28217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28217"
},
{
"name": "CVE-2022-22541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22541"
},
{
"name": "CVE-2022-27657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27657"
},
{
"name": "CVE-2022-27671",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27671"
},
{
"name": "CVE-2022-26105",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26105"
},
{
"name": "CVE-2022-28770",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28770"
},
{
"name": "CVE-2022-27658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27658"
},
{
"name": "CVE-2022-28773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28773"
},
{
"name": "CVE-2022-22532",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22532"
},
{
"name": "CVE-2022-26101",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26101"
},
{
"name": "CVE-2021-21480",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21480"
},
{
"name": "CVE-2022-28213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28213"
},
{
"name": "CVE-2022-28215",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28215"
},
{
"name": "CVE-2022-27655",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27655"
},
{
"name": "CVE-2022-26109",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26109"
},
{
"name": "CVE-2022-27670",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27670"
},
{
"name": "CVE-2021-38162",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38162"
},
{
"name": "CVE-2020-26291",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26291"
},
{
"name": "CVE-2022-26108",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26108"
},
{
"name": "CVE-2021-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27516"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2022-22533",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22533"
},
{
"name": "CVE-2021-3647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3647"
},
{
"name": "CVE-2022-27669",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27669"
},
{
"name": "CVE-2022-22542",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22542"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-345",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-04-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SAP du 12 avril 2022",
"url": "https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a\u0026rc=10"
}
]
}
CERTFR-2022-AVI-933
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Oracle Systems. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle Solaris Cluster version 4",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Solaris version 11",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-21610",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21610"
},
{
"name": "CVE-2021-40690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40690"
},
{
"name": "CVE-2022-39417",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39417"
},
{
"name": "CVE-2022-39401",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39401"
},
{
"name": "CVE-2022-23437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23437"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2022-29577",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29577"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-933",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Systems.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Systems",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuoct2022 du 18 octobre 2022",
"url": "https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixSUNS"
}
]
}
CERTFR-2022-AVI-205
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Spectrum Control versions ant\u00e9rieures \u00e0 5.4.6",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Security QRadar SOAR versions ant\u00e9rieures \u00e0 44.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-41182",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41182"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2021-39031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39031"
},
{
"name": "CVE-2021-41184",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41184"
},
{
"name": "CVE-2021-41183",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41183"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2021-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23450"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2021-234550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-234550"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-205",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-03-04T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6561029 du 03 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6561029"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6561005 du 03 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6561005"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6560969 du 03 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6560969"
}
]
}
CERTFR-2022-AVI-717
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Schneider. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | Eurotherm Data Reviewer3.0.2 software versions antérieures 4.0.0 | ||
| N/A | N/A | Modicon Momentum MDI (171CBU*) toutes versions | ||
| Schneider Electric | N/A | EcoStruxure Control Expert versions antérieures à 15.2 | ||
| Symfony | process | EcoStruxure Process Expert versions antérieures à 2021 | ||
| N/A | N/A | Modicon M580 CPU (BMEP* et BMEH*) versions antérieures à 4.01 | ||
| Schneider Electric | N/A | Legacy Modicon Quantum toutes versions | ||
| N/A | N/A | OPC UA Modicon Communication Module (BMENUA0100) versions antérieures à 2.01 | ||
| Schneider Electric | N/A | Modicon MC80 (BMKC80) toutes versions | ||
| Schneider Electric | Modicon M340 | Modicon M340 CPU (BMXP34*) versions antérieures 3.50 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Eurotherm Data Reviewer3.0.2 software versions ant\u00e9rieures 4.0.0",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Modicon Momentum MDI (171CBU*) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "EcoStruxure Control Expert versions ant\u00e9rieures \u00e0 15.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "EcoStruxure Process Expert versions ant\u00e9rieures \u00e0 2021",
"product": {
"name": "process",
"vendor": {
"name": "Symfony",
"scada": false
}
}
},
{
"description": "Modicon M580 CPU (BMEP* et BMEH*) versions ant\u00e9rieures \u00e0 4.01",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Legacy Modicon Quantum toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "OPC UA Modicon Communication Module (BMENUA0100) versions ant\u00e9rieures \u00e0 2.01",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Modicon MC80 (BMKC80) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon M340 CPU (BMXP34*) versions ant\u00e9rieures 3.50",
"product": {
"name": "Modicon M340",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-6846",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6846"
},
{
"name": "CVE-2022-34760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34760"
},
{
"name": "CVE-2020-35198",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35198"
},
{
"name": "CVE-2021-22791",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22791"
},
{
"name": "CVE-2022-34762",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34762"
},
{
"name": "CVE-2019-6841",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6841"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2021-22779",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22779"
},
{
"name": "CVE-2021-22781",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22781"
},
{
"name": "CVE-2021-22780",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22780"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2021-22790",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22790"
},
{
"name": "CVE-2022-37302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37302"
},
{
"name": "CVE-2022-34761",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34761"
},
{
"name": "CVE-2022-34759",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34759"
},
{
"name": "CVE-2022-37301",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37301"
},
{
"name": "CVE-2018-7241",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7241"
},
{
"name": "CVE-2021-22786",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22786"
},
{
"name": "CVE-2018-7242",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7242"
},
{
"name": "CVE-2019-6844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6844"
},
{
"name": "CVE-2019-6842",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6842"
},
{
"name": "CVE-2021-22782",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22782"
},
{
"name": "CVE-2021-22778",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22778"
},
{
"name": "CVE-2022-34764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34764"
},
{
"name": "CVE-2022-34763",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34763"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2022-37300",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37300"
},
{
"name": "CVE-2021-22789",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22789"
},
{
"name": "CVE-2019-6847",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6847"
},
{
"name": "CVE-2022-34765",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34765"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2021-22792",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22792"
},
{
"name": "CVE-2019-6843",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6843"
},
{
"name": "CVE-2018-7240",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7240"
},
{
"name": "CVE-2011-4859",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4859"
},
{
"name": "CVE-2020-28895",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28895"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2020-12525",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12525"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-717",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-08-09T00:00:00.000000"
},
{
"description": "Mise \u00e0 jour des liens",
"revision_date": "2022-08-22T00:00:00.000000"
},
{
"description": "Mise \u00e0 jour des liens des bulletins de s\u00e9curit\u00e9 Schneider SEVD-2022-221-01, SEVD-2022-221-02 et SEVD-2022-221-04 du 9 ao\u00fbt 2022.",
"revision_date": "2022-09-08T00:00:00.000000"
},
{
"description": "Ajout du libell\u00e9 [SCADA] dans le titre.",
"revision_date": "2022-09-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SESB-2021-347-01 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SESB-2021-347-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SESB-2021-347-01_Apache_Log4j_Log4Shell_Vulnerabilities_Security_Notification_V14.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2019-281-02 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2019-281-02\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2019-281-02_Modicon_Controllers_Security_Notification_V3.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-221-01 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-221-01_EcoStruxure_Control_Expert_Modicon580_Security_Notification_V1.1.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-193-01 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-193-01_OPC_UA_X80_Advanced_RTU_Modicon_Communication_Modules_Security_Notification_V3.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-313-05 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-313-05_Badalloc_Vulnerabilities_Security_Notification_V10.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-221-03 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-03\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-221-03_EcoStruxure_Control_Expert_Security_Notification.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-221-02 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-02\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-221-02_Modicon_Controllers_Security_Notification_V1.1.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2018-081-01 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2018-081-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2018-081-01_Embedded_FTP_Servers_for_Modicon_PAC_Controllers_Security_Notification_V3.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-222-04 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-222-04_Modicon_PAC_Controllers_PLC_Simulator_Control_Expert_Process_Expert_Security_Notification_V2.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-194-01 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-194-01_EcoStruxure_Control_Expert_Process_Expert_SCADAPack_RemoteConnect_Modicon_M580_M340_Security_Notifcation_V4.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-221-04 du 9 ao\u00fbt 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification_V1.1.pdf"
}
]
}
CERTFR-2024-AVI-0027
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | CTPView versions versions antérieures à 9.1R5 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved version antérieures à 20.4R2-EVO, 20.4R2-S2-EVO, 20.4R3-EVO, 20.4R3-S7-EVO, 21.1R2-EVO, 21.2R2-EVO, 21.2R3-S7-EVO, 21.3R2-EVO, 21.3R3-S5-EVO, 21.4R3-EVO, 21.4R3-S3-EVO, 21.4R3-S5-EVO, 21.4R3-S6-EVO, 22.1R3-EVO, 22.1R3-S2-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R2-S1-EVO, 22.2R2-S2-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.3R1-EVO, 22.3R2-EVO, 22.3R3-EVO, 22.3R3-S1-EVO, 22.4R1-EVO, 22.4R2-EVO, 22.4R2-S2-EVO, 22.4R3-EVO, 23.1R2-EVO, 23.2R1-EVO, 23.2R1-S1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.3R1-EVO et 23.4R1-EVO | ||
| Juniper Networks | N/A | Paragon Active Assurance versions antérieures à 3.1.2, 3.2.3, 3.3.2 et 3.4.1 | ||
| Juniper Networks | Junos OS | Junos OS version antérieures à 20.4R3-S3, 20.4R3-S6, 20.4R3-S7, 20.4R3-S8, 20.4R3-S9, 21.1R3-S4, 21.1R3-S5, 21.2R3, 21.2R3-S3, 21.2R3-S4, 21.2R3-S5, 21.2R3-S6, 21.2R3-S7, 21.3R2-S1, 21.3R3, 21.3R3-S3, 21.3R3-S4, 21.3R3-S5, 21.4R2, 21.4R3, 21.4R3-S3, 21.4R3-S4, 21.4R3-S5, 22.1R2, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.1R3-S2, 22.1R3-S3, 22.1R3-S4, 22.2R1, 22.2R2, 22.2R2-S1, 22.2R2-S2, 22.2R3, 22.2R3-S1, 22.2R3-S2, 22.2R3-S3, 22.3R1, 22.3R2, 22.3R2-S1, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.4R1, 22.4R1-S2, 22.4R2, 22.4R2-S1, 22.4R2-S2, 22.4R3, 23.1R1, 23.1R2, 23.2R1, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.3R1 et 23.4R1 | ||
| Juniper Networks | Session Smart Router | Session Smart Router versions antérieures à SSR-6.2.3-r2 | ||
| Juniper Networks | N/A | Security Director Insights versions antérieures à 23.1R1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CTPView versions versions ant\u00e9rieures \u00e0 9.1R5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved version ant\u00e9rieures \u00e0 20.4R2-EVO, 20.4R2-S2-EVO, 20.4R3-EVO, 20.4R3-S7-EVO, 21.1R2-EVO, 21.2R2-EVO, 21.2R3-S7-EVO, 21.3R2-EVO, 21.3R3-S5-EVO, 21.4R3-EVO, 21.4R3-S3-EVO, 21.4R3-S5-EVO, 21.4R3-S6-EVO, 22.1R3-EVO, 22.1R3-S2-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R2-S1-EVO, 22.2R2-S2-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.3R1-EVO, 22.3R2-EVO, 22.3R3-EVO, 22.3R3-S1-EVO, 22.4R1-EVO, 22.4R2-EVO, 22.4R2-S2-EVO, 22.4R3-EVO, 23.1R2-EVO, 23.2R1-EVO, 23.2R1-S1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.3R1-EVO et 23.4R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Paragon Active Assurance versions ant\u00e9rieures \u00e0 3.1.2, 3.2.3, 3.3.2 et 3.4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS version ant\u00e9rieures \u00e0 20.4R3-S3, 20.4R3-S6, 20.4R3-S7, 20.4R3-S8, 20.4R3-S9, 21.1R3-S4, 21.1R3-S5, 21.2R3, 21.2R3-S3, 21.2R3-S4, 21.2R3-S5, 21.2R3-S6, 21.2R3-S7, 21.3R2-S1, 21.3R3, 21.3R3-S3, 21.3R3-S4, 21.3R3-S5, 21.4R2, 21.4R3, 21.4R3-S3, 21.4R3-S4, 21.4R3-S5, 22.1R2, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.1R3-S2, 22.1R3-S3, 22.1R3-S4, 22.2R1, 22.2R2, 22.2R2-S1, 22.2R2-S2, 22.2R3, 22.2R3-S1, 22.2R3-S2, 22.2R3-S3, 22.3R1, 22.3R2, 22.3R2-S1, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.4R1, 22.4R1-S2, 22.4R2, 22.4R2-S1, 22.4R2-S2, 22.4R3, 23.1R1, 23.1R2, 23.2R1, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.3R1 et 23.4R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions ant\u00e9rieures \u00e0 SSR-6.2.3-r2",
"product": {
"name": "Session Smart Router",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Security Director Insights versions ant\u00e9rieures \u00e0 23.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3707"
},
{
"name": "CVE-2024-21602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21602"
},
{
"name": "CVE-2022-41974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41974"
},
{
"name": "CVE-2023-38802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38802"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2022-42720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42720"
},
{
"name": "CVE-2022-30594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30594"
},
{
"name": "CVE-2022-41973",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41973"
},
{
"name": "CVE-2023-0461",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0461"
},
{
"name": "CVE-2024-21616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21616"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2023-2235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2235"
},
{
"name": "CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-2964",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2964"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2023-1281",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1281"
},
{
"name": "CVE-2024-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21599"
},
{
"name": "CVE-2022-47929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
},
{
"name": "CVE-2022-3628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3628"
},
{
"name": "CVE-2024-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21614"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-26464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26464"
},
{
"name": "CVE-2020-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0466"
},
{
"name": "CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"name": "CVE-2022-4269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
},
{
"name": "CVE-2022-42703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42703"
},
{
"name": "CVE-2024-21607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21607"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2023-0266",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0266"
},
{
"name": "CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"name": "CVE-2022-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39189"
},
{
"name": "CVE-2022-3239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3239"
},
{
"name": "CVE-2022-43750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43750"
},
{
"name": "CVE-2022-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3567"
},
{
"name": "CVE-2023-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2828"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"name": "CVE-2024-21596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21596"
},
{
"name": "CVE-2022-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3564"
},
{
"name": "CVE-2021-33656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33656"
},
{
"name": "CVE-2023-1582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1582"
},
{
"name": "CVE-2022-4129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4129"
},
{
"name": "CVE-2022-41218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41218"
},
{
"name": "CVE-2023-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2194"
},
{
"name": "CVE-2024-21604",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21604"
},
{
"name": "CVE-2023-32360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
},
{
"name": "CVE-2022-0934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0934"
},
{
"name": "CVE-2020-9493",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9493"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2022-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2196"
},
{
"name": "CVE-2021-39275",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39275"
},
{
"name": "CVE-2022-42896",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42896"
},
{
"name": "CVE-2022-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21699"
},
{
"name": "CVE-2024-21600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21600"
},
{
"name": "CVE-2021-33655",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33655"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2022-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
},
{
"name": "CVE-2023-23920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
},
{
"name": "CVE-2023-20593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
},
{
"name": "CVE-2024-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21606"
},
{
"name": "CVE-2022-0330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0330"
},
{
"name": "CVE-2022-41222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41222"
},
{
"name": "CVE-2016-10009",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10009"
},
{
"name": "CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"name": "CVE-2022-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2663"
},
{
"name": "CVE-2023-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
},
{
"name": "CVE-2024-21591",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21591"
},
{
"name": "CVE-2020-12321",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12321"
},
{
"name": "CVE-2022-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23307"
},
{
"name": "CVE-2022-3524",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3524"
},
{
"name": "CVE-2022-39188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39188"
},
{
"name": "CVE-2023-3341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3341"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2022-43945",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43945"
},
{
"name": "CVE-2022-3625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3625"
},
{
"name": "CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"name": "CVE-2024-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21587"
},
{
"name": "CVE-2022-42721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42721"
},
{
"name": "CVE-2022-4378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4378"
},
{
"name": "CVE-2022-4254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4254"
},
{
"name": "CVE-2024-21617",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21617"
},
{
"name": "CVE-2023-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1195"
},
{
"name": "CVE-2024-21589",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21589"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2023-22809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22809"
},
{
"name": "CVE-2022-20141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20141"
},
{
"name": "CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2024-21595",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21595"
},
{
"name": "CVE-2021-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
},
{
"name": "CVE-2021-3621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3621"
},
{
"name": "CVE-2023-0394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0394"
},
{
"name": "CVE-2022-22164",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22164"
},
{
"name": "CVE-2024-21597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21597"
},
{
"name": "CVE-2021-3752",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3752"
},
{
"name": "CVE-2023-0386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0386"
},
{
"name": "CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"name": "CVE-2021-26341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26341"
},
{
"name": "CVE-2022-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38023"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2022-1679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1679"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2023-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
},
{
"name": "CVE-2022-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3619"
},
{
"name": "CVE-2021-0920",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0920"
},
{
"name": "CVE-2023-1829",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
},
{
"name": "CVE-2022-25265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25265"
},
{
"name": "CVE-2022-1789",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1789"
},
{
"name": "CVE-2022-2873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2873"
},
{
"name": "CVE-2022-3623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3623"
},
{
"name": "CVE-2024-21611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21611"
},
{
"name": "CVE-2024-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21613"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2024-21612",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21612"
},
{
"name": "CVE-2022-42722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42722"
},
{
"name": "CVE-2024-21603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21603"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2024-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21585"
},
{
"name": "CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2021-44790",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44790"
},
{
"name": "CVE-2023-36842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36842"
},
{
"name": "CVE-2022-4139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4139"
},
{
"name": "CVE-2024-21594",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21594"
},
{
"name": "CVE-2022-3028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3028"
},
{
"name": "CVE-2022-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3566"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2022-41674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41674"
},
{
"name": "CVE-2024-21601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21601"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
},
{
"name": "CVE-2020-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0465"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0027",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-01-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75723 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-rpd-process-crash-due-to-BGP-flap-on-NSR-enabled-devices-CVE-2024-21585"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75741 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-PTX-Series-In-an-FTI-scenario-MPLS-packets-hitting-reject-next-hop-will-cause-a-host-path-wedge-condition-CVE-2024-21600"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75752 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-jflow-scenario-continuous-route-churn-will-cause-a-memory-leak-and-eventually-an-rpd-crash-CVE-2024-21611"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75757 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Processing-of-a-specific-SIP-packet-causes-NAT-IP-allocation-to-fail-CVE-2024-21616"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75730 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-jdhcpd-will-hang-on-receiving-a-specific-DHCP-packet-CVE-2023-36842"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75734 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-EX4100-EX4400-EX4600-and-QFX5000-Series-A-high-rate-of-specific-ICMP-traffic-will-cause-the-PFE-to-hang-CVE-2024-21595"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75737 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Security-Director-Insights-Multiple-vulnerabilities-in-SDI"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75721 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-IPython-privilege-escalation-vulnerability-CVE-2022-21699"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75736 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-CTPView-Multiple-vulnerabilities-in-CTPView-CVE-yyyy-nnnn"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75747 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-Series-flowd-will-crash-when-tcp-encap-is-enabled-and-specific-packets-are-received-CVE-2024-21606"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75758 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-BGP-flap-on-NSR-enabled-devices-causes-memory-leak-CVE-2024-21617"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11272 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2022-01-Security-Bulletin-Junos-OS-Evolved-Telnet-service-may-be-enabled-when-it-is-expected-to-be-disabled-CVE-2022-22164"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75727 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Paragon-Active-Assurance-Control-Center-Information-disclosure-vulnerability-CVE-2024-21589"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75233 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Session-Smart-Router-Multiple-vulnerabilities-resolved"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75754 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-link-flap-causes-patroot-memory-leak-which-leads-to-rpd-crash-CVE-2024-21613"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75753 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-Specific-TCP-traffic-causes-OFP-core-and-restart-of-RE-CVE-2024-21612"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75742 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-Series-Due-to-an-error-in-processing-TCP-events-flowd-will-crash-CVE-2024-21601"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75740 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-MPC3E-memory-leak-with-PTP-configuration-CVE-2024-21599"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75748 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-and-EX9200-Series-If-the-tcp-reset-option-used-in-an-IPv6-filter-matched-packets-are-accepted-instead-of-rejected-CVE-2024-21607"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75744 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-Gathering-statistics-in-a-scaled-SCU-DCU-configuration-will-lead-to-a-device-crash-CVE-2024-21603"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75743 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-ACX7024-ACX7100-32C-and-ACX7100-48L-Traffic-stops-when-a-specific-IPv4-UDP-packet-is-received-by-the-RE-CVE-2024-21602"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75738 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-In-an-AF-scenario-traffic-can-bypass-configured-lo0-firewall-filters-CVE-2024-21597"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75733 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-5000-Series-Repeated-execution-of-a-specific-CLI-command-causes-a-flowd-crash-CVE-2024-21594"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75725 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Memory-leak-in-bbe-smgd-process-if-BFD-liveness-detection-for-DHCP-subscribers-is-enabled-CVE-2024-21587"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75755 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-specific-query-via-DREND-causes-rpd-crash-CVE-2024-21614"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75735 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-specific-BGP-UPDATE-message-will-cause-a-crash-in-the-backup-Routing-Engine-CVE-2024-21596"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75745 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-A-high-rate-of-specific-traffic-will-cause-a-complete-system-outage-CVE-2024-21604"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75729 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Security-Vulnerability-in-J-web-allows-a-preAuth-Remote-Code-Execution-CVE-2024-21591"
}
]
}
CERTFR-2022-AVI-960
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.5.0 Update Package Interim Fix 02 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.4.3 Fix Pack 7 | ||
| IBM | WebSphere | IBM WebSphere Application Server Liberty 17.0.0.3 à 22.0.0.11 sans le correctif de sécurité temporaire PH49719 (la version 22.0.0.12 est prévue au quatrième trimestre 2022) |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.5.0 Update Package Interim Fix 02",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.4.3 Fix Pack 7",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server Liberty 17.0.0.3 \u00e0 22.0.0.11 sans le correctif de s\u00e9curit\u00e9 temporaire PH49719 (la version 22.0.0.12 est pr\u00e9vue au quatri\u00e8me trimestre 2022)",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2022-37734",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37734"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-960",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6832094 du 26 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6832094"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6832160 du 26 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6832160"
}
]
}
CERTFR-2025-AVI-0855
Vulnerability from certfr_avis - Published: 2025-10-09 - Updated: 2025-10-09
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS | Junos OS versions 24.4 antérieures à 24.4R2 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 22.4R3-S8-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions 23.4 antérieures à 23.4R2-S5 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S4-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 22.4R3-S8 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 24.2-EVO antérieures à 24.2R2-S2-EVO | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 24.4-EVO antérieures à 24.4R2-EVO | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 24.1R4 | ||
| Juniper Networks | Security Director | Security Director Policy Enforcer versions antérieures à 23.1R1 Hotpatch v3 | ||
| Juniper Networks | Junos Space | Junos Space Security Director versions antérieures à 24.1R4 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 23.4-EVO antérieures à 23.4R2-S5-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions 23.2 antérieures à 23.2R2-S4 | ||
| Juniper Networks | Junos OS | Junos OS versions 24.2 antérieures à 24.2R2-S1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS versions 24.4 ant\u00e9rieures \u00e0 24.4R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 22.4R3-S8-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R2-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-S4-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 22.4R3-S8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 24.2-EVO ant\u00e9rieures \u00e0 24.2R2-S2-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 24.4-EVO ant\u00e9rieures \u00e0 24.4R2-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 24.1R4",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Security Director Policy Enforcer versions ant\u00e9rieures \u00e0 23.1R1 Hotpatch v3",
"product": {
"name": "Security Director",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space Security Director versions ant\u00e9rieures \u00e0 24.1R4",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R2-S5-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.2 ant\u00e9rieures \u00e0 23.2R2-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 24.2 ant\u00e9rieures \u00e0 24.2R2-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-24795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24795"
},
{
"name": "CVE-2024-36903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36903"
},
{
"name": "CVE-2023-44431",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44431"
},
{
"name": "CVE-2021-47606",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47606"
},
{
"name": "CVE-2025-59993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59993"
},
{
"name": "CVE-2025-59997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59997"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2025-59995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59995"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2023-28466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28466"
},
{
"name": "CVE-2024-36921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36921"
},
{
"name": "CVE-2025-59986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59986"
},
{
"name": "CVE-2025-60009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60009"
},
{
"name": "CVE-2025-59989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59989"
},
{
"name": "CVE-2024-26897",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26897"
},
{
"name": "CVE-2023-46103",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46103"
},
{
"name": "CVE-2024-27052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27052"
},
{
"name": "CVE-2023-2235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2235"
},
{
"name": "CVE-2025-59999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59999"
},
{
"name": "CVE-2025-59994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59994"
},
{
"name": "CVE-2024-4076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4076"
},
{
"name": "CVE-2025-59967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59967"
},
{
"name": "CVE-2022-24805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24805"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2023-3390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3390"
},
{
"name": "CVE-2024-37356",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37356"
},
{
"name": "CVE-2024-47538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47538"
},
{
"name": "CVE-2023-4004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4004"
},
{
"name": "CVE-2024-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21823"
},
{
"name": "CVE-2025-59991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59991"
},
{
"name": "CVE-2024-5564",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5564"
},
{
"name": "CVE-2024-26600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26600"
},
{
"name": "CVE-2023-28746",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28746"
},
{
"name": "CVE-2023-52864",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52864"
},
{
"name": "CVE-2025-26600",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26600"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2024-36929",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36929"
},
{
"name": "CVE-2023-35788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
},
{
"name": "CVE-2025-59982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59982"
},
{
"name": "CVE-2024-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
},
{
"name": "CVE-2023-43785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43785"
},
{
"name": "CVE-2024-30205",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30205"
},
{
"name": "CVE-2018-17247",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17247"
},
{
"name": "CVE-2025-60004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60004"
},
{
"name": "CVE-2023-51594",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51594"
},
{
"name": "CVE-2024-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22025"
},
{
"name": "CVE-2023-50229",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50229"
},
{
"name": "CVE-2025-59974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59974"
},
{
"name": "CVE-2025-26598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26598"
},
{
"name": "CVE-2018-3824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3824"
},
{
"name": "CVE-2024-40928",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40928"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2024-36020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36020"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2025-59981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59981"
},
{
"name": "CVE-2023-31248",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31248"
},
{
"name": "CVE-2024-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2024-30203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30203"
},
{
"name": "CVE-2023-3090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3090"
},
{
"name": "CVE-2024-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35937"
},
{
"name": "CVE-2025-59968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59968"
},
{
"name": "CVE-2023-51592",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51592"
},
{
"name": "CVE-2025-59990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59990"
},
{
"name": "CVE-2021-22146",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22146"
},
{
"name": "CVE-2025-59978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59978"
},
{
"name": "CVE-2024-25629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25629"
},
{
"name": "CVE-2024-36017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36017"
},
{
"name": "CVE-2024-24806",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24806"
},
{
"name": "CVE-2024-27434",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27434"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2024-35852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35852"
},
{
"name": "CVE-2024-38558",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38558"
},
{
"name": "CVE-2025-59992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59992"
},
{
"name": "CVE-2024-35845",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35845"
},
{
"name": "CVE-2021-41072",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41072"
},
{
"name": "CVE-2025-60000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60000"
},
{
"name": "CVE-2022-24807",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24807"
},
{
"name": "CVE-2024-47607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47607"
},
{
"name": "CVE-2024-27065",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27065"
},
{
"name": "CVE-2024-36005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36005"
},
{
"name": "CVE-2023-45866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45866"
},
{
"name": "CVE-2023-27349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27349"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2015-5377",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5377"
},
{
"name": "CVE-2023-48161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48161"
},
{
"name": "CVE-2022-24810",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24810"
},
{
"name": "CVE-2024-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33621"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2025-60001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60001"
},
{
"name": "CVE-2024-5742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5742"
},
{
"name": "CVE-2023-50230",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50230"
},
{
"name": "CVE-2025-52960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52960"
},
{
"name": "CVE-2024-36922",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36922"
},
{
"name": "CVE-2025-59996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59996"
},
{
"name": "CVE-2024-39487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39487"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2023-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38575"
},
{
"name": "CVE-2024-35911",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35911"
},
{
"name": "CVE-2025-59957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59957"
},
{
"name": "CVE-2025-59958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59958"
},
{
"name": "CVE-2021-41043",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41043"
},
{
"name": "CVE-2018-17244",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17244"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-26597",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26597"
},
{
"name": "CVE-2024-36971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2023-3776",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
},
{
"name": "CVE-2024-42934",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42934"
},
{
"name": "CVE-2023-51580",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51580"
},
{
"name": "CVE-2024-35848",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35848"
},
{
"name": "CVE-2024-27417",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27417"
},
{
"name": "CVE-2023-21102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21102"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-59983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59983"
},
{
"name": "CVE-2024-36941",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36941"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2024-35969",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35969"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2025-60006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60006"
},
{
"name": "CVE-2024-36489",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36489"
},
{
"name": "CVE-2015-1427",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1427"
},
{
"name": "CVE-2024-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38575"
},
{
"name": "CVE-2024-35899",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35899"
},
{
"name": "CVE-2024-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35823"
},
{
"name": "CVE-2024-40954",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40954"
},
{
"name": "CVE-2024-9632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9632"
},
{
"name": "CVE-2023-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
},
{
"name": "CVE-2025-26595",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26595"
},
{
"name": "CVE-2024-26868",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26868"
},
{
"name": "CVE-2023-43787",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43787"
},
{
"name": "CVE-2023-43786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43786"
},
{
"name": "CVE-2024-8235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8235"
},
{
"name": "CVE-2023-4147",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4147"
},
{
"name": "CVE-2025-59977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59977"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2023-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3610"
},
{
"name": "CVE-2025-26596",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26596"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2022-48622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48622"
},
{
"name": "CVE-2021-42550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42550"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2024-26828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26828"
},
{
"name": "CVE-2025-59998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59998"
},
{
"name": "CVE-2024-26808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26808"
},
{
"name": "CVE-2024-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30204"
},
{
"name": "CVE-2025-60002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60002"
},
{
"name": "CVE-2023-35001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
},
{
"name": "CVE-2024-27282",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27282"
},
{
"name": "CVE-2018-3831",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3831"
},
{
"name": "CVE-2023-43490",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43490"
},
{
"name": "CVE-2025-59976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59976"
},
{
"name": "CVE-2025-59980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59980"
},
{
"name": "CVE-2025-26599",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26599"
},
{
"name": "CVE-2024-47615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47615"
},
{
"name": "CVE-2018-3823",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3823"
},
{
"name": "CVE-2023-22655",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22655"
},
{
"name": "CVE-2024-6126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6126"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2023-39368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39368"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2024-26853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26853"
},
{
"name": "CVE-2025-59975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59975"
},
{
"name": "CVE-2025-0624",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0624"
},
{
"name": "CVE-2025-59987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59987"
},
{
"name": "CVE-2024-40958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40958"
},
{
"name": "CVE-2018-3826",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3826"
},
{
"name": "CVE-2025-26601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26601"
},
{
"name": "CVE-2024-52337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52337"
},
{
"name": "CVE-2025-59985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59985"
},
{
"name": "CVE-2025-11198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11198"
},
{
"name": "CVE-2022-24806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24806"
},
{
"name": "CVE-2023-32233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
},
{
"name": "CVE-2024-35789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35789"
},
{
"name": "CVE-2024-26327",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26327"
},
{
"name": "CVE-2015-3253",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3253"
},
{
"name": "CVE-2025-59964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59964"
},
{
"name": "CVE-2025-59988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59988"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2023-45733",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45733"
},
{
"name": "CVE-2021-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40153"
},
{
"name": "CVE-2024-6655",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6655"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2024-27049",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27049"
},
{
"name": "CVE-2025-59984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59984"
},
{
"name": "CVE-2025-52961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52961"
},
{
"name": "CVE-2023-51589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51589"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2021-3903",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3903"
},
{
"name": "CVE-2024-35800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35800"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
},
{
"name": "CVE-2023-51596",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51596"
},
{
"name": "CVE-2025-60010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60010"
},
{
"name": "CVE-2023-51764",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51764"
},
{
"name": "CVE-2025-26594",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26594"
},
{
"name": "CVE-2024-6409",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6409"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2022-24808",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24808"
},
{
"name": "CVE-2025-59962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59962"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"name": "CVE-2024-40961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40961"
}
],
"initial_release_date": "2025-10-09T00:00:00",
"last_revision_date": "2025-10-09T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0855",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103140",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Multiple-XSS-vulnerabilities-resolved-in-24-1R4-release"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103141",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R4-release"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103163",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-Multiple-OS-command-injection-vulnerabilities-fixed-CVE-2025-60006"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103168",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Device-allows-login-for-user-with-expired-password-CVE-2025-60010"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103171",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Reflected-client-side-HTTP-parameter-pollution-vulnerability-in-web-interface-CVE-2025-59977"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103167",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-When-a-user-with-the-name-ftp-or-anonymous-is-configured-unauthenticated-filesystem-access-is-allowed-CVE-2025-59980"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103156",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-ACX7024-ACX7024X-ACX7100-32C-ACX7100-48L-ACX7348-ACX7509-When-specific-valid-multicast-traffic-is-received-on-the-L3-interface-a-vulnerable-device-evo-pfemand-crashes-and-restarts-CVE-2025-59967"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103437",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Security-Director-Policy-Enforcer-An-unrestricted-API-allows-a-network-based-unauthenticated-attacker-to-deploy-malicious-vSRX-images-to-VMWare-NSX-Server-CVE-2025-11198"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103172",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Flooding-device-with-inbound-API-calls-leads-to-WebUI-and-CLI-management-access-DoS-CVE-2025-59975"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103157",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Juniper-Security-Director-Insufficient-authorization-for-sensitive-resources-in-web-interface-CVE-2025-59968"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103170",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Arbitrary-file-download-vulnerability-in-web-interface-CVE-2025-59976"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103139",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-24-1R4"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103151",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-BGP-sharding-enabled-change-in-indirect-next-hop-can-cause-RPD-crash-CVE-2025-59962"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103153",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-SRX4700-When-forwarding-options-sampling-is-enabled-any-traffic-destined-to-the-RE-will-cause-the-forwarding-line-card-to-crash-and-restart-CVE-2025-59964"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103147",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-When-firewall-filter-rejects-traffic-these-packets-are-erroneously-sent-to-the-RE-CVE-2025-59958"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103144",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-except-PTX10003-An-unauthenticated-adjacent-attacker-sending-specific-valid-traffic-can-cause-a-memory-leak-in-cfmman-leading-to-FPC-crash-and-restart-CVE-2025-52961"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103143",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-Receipt-of-specific-SIP-packets-in-a-high-utilization-situation-causes-a-flowd-crash-CVE-2025-52960"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103146",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-EX4600-Series-and-QFX5000-Series-An-attacker-with-physical-access-can-open-a-persistent-backdoor-CVE-2025-59957"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103138",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-24-1R4-by-upgrading-Log4j-Java-library-to-2-23-1-and-ElasticSearch-to-6-8-17"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103165",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Specific-BGP-EVPN-update-message-causes-rpd-crash-CVE-2025-60004"
}
]
}
CERTFR-2022-AVI-125
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SAP. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SAP | N/A | SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel) versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49 | ||
| SAP | N/A | SAP Business Objects Web Intelligence (BI Launchpad) version 420 | ||
| SAP | N/A | SAP S/4HANA versions 100, 101, 102, 103, 104, 105 et 106 | ||
| SAP | N/A | SAP Content Server version 7.53 | ||
| SAP | N/A | SAP 3D Visual Enterprise Viewer version 9.0 | ||
| SAP | N/A | SAP Web Dispatcher versions 7.49, 7.53, 7.77, 7.81, 7.85, 7.22EXT, 7.86 et 7.87 | ||
| SAP | N/A | SAP NetWeaver and ABAP Platform versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49 | ||
| SAP | N/A | SAP Solution Manager (Diagnostics Root Cause Analysis Tools) version 720 | ||
| SAP | N/A | SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer) versions 104, 105 et 106 | ||
| SAP | N/A | SAP Business Client version 6.5 | ||
| SAP | N/A | SAP Commerce versions 1905, 2005, 2105 et 2011 | ||
| SAP | N/A | SAP Adaptive Server Enterprise version 16.0 | ||
| SAP | N/A | SAP Data Intelligence version 3 | ||
| SAP | N/A | SAP NetWeaver AS ABAP (Workplace Server) versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756 et 787 | ||
| SAP | N/A | Internet of Things Edge Platform version 4.0 | ||
| SAP | N/A | SAP NetWeaver Application Server Java versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49 et 7.53 | ||
| SAP | N/A | SAP NetWeaver (ABAP and Java application Servers) versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755 et 756 | ||
| SAP | N/A | SAP Dynamic Authorization Management version 9.1.0.0 et 2021.03 | ||
| SAP | N/A | SAP ERP HCM (Portugal) versions 600, 604 et 608 | ||
| SAP | N/A | SAP Customer Checkout version 2 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel) versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Business Objects Web Intelligence (BI Launchpad) version 420",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP S/4HANA versions 100, 101, 102, 103, 104, 105 et 106",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Content Server version 7.53",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP 3D Visual Enterprise Viewer version 9.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Web Dispatcher versions 7.49, 7.53, 7.77, 7.81, 7.85, 7.22EXT, 7.86 et 7.87",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver and ABAP Platform versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Solution Manager (Diagnostics Root Cause Analysis Tools) version 720",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer) versions 104, 105 et 106",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Business Client version 6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Commerce versions 1905, 2005, 2105 et 2011",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Adaptive Server Enterprise version 16.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Data Intelligence version 3",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver AS ABAP (Workplace Server) versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756 et 787",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Internet of Things Edge Platform version 4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Application Server Java versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49 et 7.53",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver (ABAP and Java application Servers) versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755 et 756",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Dynamic Authorization Management version 9.1.0.0 et 2021.03",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP ERP HCM (Portugal) versions 600, 604 et 608",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Customer Checkout version 2",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-22544",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22544"
},
{
"name": "CVE-2022-22531",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22531"
},
{
"name": "CVE-2022-22543",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22543"
},
{
"name": "CVE-2022-22535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22535"
},
{
"name": "CVE-2022-22536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22536"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2022-22528",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22528"
},
{
"name": "CVE-2022-22539",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22539"
},
{
"name": "CVE-2022-22532",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22532"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2022-22530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22530"
},
{
"name": "CVE-2022-22546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22546"
},
{
"name": "CVE-2022-22538",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22538"
},
{
"name": "CVE-2022-22540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22540"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2022-22537",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22537"
},
{
"name": "CVE-2022-22542",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22542"
},
{
"name": "CVE-2022-22534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22534"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-125",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-02-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SAP du 09 f\u00e9vrier 2022",
"url": "https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+February+2022"
}
]
}
CERTFR-2025-AVI-0756
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 6.0.19+LTS-T | ||
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 10.0.9 | ||
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T | ||
| VMware | Tanzu Operations Manager | Tanzu Operations Manager versions antérieures à 3.1.2 | ||
| VMware | Tanzu | Tanzu Scheduler versions antérieures à 2.0.20 | ||
| VMware | Tanzu | Spring Cloud Services for VMware Tanzu versions antérieures à 3.3.9 | ||
| VMware | Tanzu | Single Sign-On for VMware Tanzu Application Service versions antérieures à 1.16.12 | ||
| VMware | Tanzu | Stemcells pour Ubuntu Jammy Azure Light versions antérieures à 1.894 | ||
| VMware | Tanzu | Stemcells pour Ubuntu Jammy versions antérieures à 1.894 | ||
| VMware | Tanzu | Tanzu Hub versions antérieures à 10.2.1 | ||
| VMware | Tanzu | Java Buildpack versions antérieures à 4.84.0 | ||
| VMware | Tanzu | Tanzu for MySQL on Cloud Foundry versions antérieures à 10.0.2 | ||
| VMware | Tanzu | Tanzu GemFire versions antérieures à 10.1.4 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.19+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.0.9",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Operations Manager versions ant\u00e9rieures \u00e0 3.1.2",
"product": {
"name": "Tanzu Operations Manager",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Scheduler versions ant\u00e9rieures \u00e0 2.0.20",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services for VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.9",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On for VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.12",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells pour Ubuntu Jammy Azure Light versions ant\u00e9rieures \u00e0 1.894",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells pour Ubuntu Jammy versions ant\u00e9rieures \u00e0 1.894",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.2.1",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Java Buildpack versions ant\u00e9rieures \u00e0 4.84.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu for MySQL on Cloud Foundry versions ant\u00e9rieures \u00e0 10.0.2",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu GemFire versions ant\u00e9rieures \u00e0 10.1.4",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2025-4088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4088"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2021-35636",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35636"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2025-0448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0448"
},
{
"name": "CVE-2021-35583",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35583"
},
{
"name": "CVE-2025-3032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3032"
},
{
"name": "CVE-2019-2585",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2585"
},
{
"name": "CVE-2021-2352",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2352"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2021-3236",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3236"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2020-14861",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14861"
},
{
"name": "CVE-2025-0242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0242"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2021-35639",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35639"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2018-3279",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3279"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2019-2982",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2982"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2022-21253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21253"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2024-10467",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10467"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2022-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21538"
},
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2024-53203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53203"
},
{
"name": "CVE-2025-5281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5281"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2019-2808",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2808"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2023-3138",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3138"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-35575",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35575"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2025-8027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8027"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2022-21436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21436"
},
{
"name": "CVE-2025-2857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2857"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2020-14773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14773"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2023-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5841"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2023-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22015"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2019-2589",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2589"
},
{
"name": "CVE-2023-22103",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22103"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2022-21418",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21418"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2021-2441",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2441"
},
{
"name": "CVE-2025-1939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1939"
},
{
"name": "CVE-2023-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21877"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2020-2921",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2921"
},
{
"name": "CVE-2021-2357",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2357"
},
{
"name": "CVE-2025-0440",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0440"
},
{
"name": "CVE-2024-21207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21207"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2025-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4091"
},
{
"name": "CVE-2025-5065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5065"
},
{
"name": "CVE-2025-0996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0996"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2019-2596",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2596"
},
{
"name": "CVE-2019-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2879"
},
{
"name": "CVE-2025-0445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0445"
},
{
"name": "CVE-2019-2630",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2630"
},
{
"name": "CVE-2025-9308",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9308"
},
{
"name": "CVE-2019-2607",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2607"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2022-21522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21522"
},
{
"name": "CVE-2024-10459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10459"
},
{
"name": "CVE-2019-2495",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2495"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2023-22026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22026"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2020-14829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14829"
},
{
"name": "CVE-2020-14576",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14576"
},
{
"name": "CVE-2022-21529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21529"
},
{
"name": "CVE-2025-37871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
},
{
"name": "CVE-2023-39017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39017"
},
{
"name": "CVE-2024-46751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
},
{
"name": "CVE-2025-0434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0434"
},
{
"name": "CVE-2022-21435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21435"
},
{
"name": "CVE-2020-14777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14777"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2019-3003",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3003"
},
{
"name": "CVE-2020-14839",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14839"
},
{
"name": "CVE-2019-3018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3018"
},
{
"name": "CVE-2021-35623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35623"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2022-21460",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21460"
},
{
"name": "CVE-2025-8881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8881"
},
{
"name": "CVE-2019-2993",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2993"
},
{
"name": "CVE-2020-2686",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2686"
},
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
},
{
"name": "CVE-2021-2170",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2170"
},
{
"name": "CVE-2022-21379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21379"
},
{
"name": "CVE-2021-2215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2215"
},
{
"name": "CVE-2020-2752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2752"
},
{
"name": "CVE-2025-4609",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4609"
},
{
"name": "CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2021-2022",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2022"
},
{
"name": "CVE-2024-10461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10461"
},
{
"name": "CVE-2022-21526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21526"
},
{
"name": "CVE-2021-2172",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2172"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2022-21528",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21528"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2021-2299",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2299"
},
{
"name": "CVE-2020-2892",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2892"
},
{
"name": "CVE-2025-5959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5959"
},
{
"name": "CVE-2024-45772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45772"
},
{
"name": "CVE-2016-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2149"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2023-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21865"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2021-35640",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35640"
},
{
"name": "CVE-2024-10464",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10464"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2020-2853",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2853"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2025-2783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2783"
},
{
"name": "CVE-2025-1414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1414"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2018-3170",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3170"
},
{
"name": "CVE-2020-2774",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2774"
},
{
"name": "CVE-2020-14771",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14771"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-3066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3066"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2019-2685",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2685"
},
{
"name": "CVE-2021-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2196"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-21197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21197"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2025-8037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8037"
},
{
"name": "CVE-2025-4918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4918"
},
{
"name": "CVE-2023-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21881"
},
{
"name": "CVE-2022-49168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
},
{
"name": "CVE-2020-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14540"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-2136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2136"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-0439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0439"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2021-2305",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2305"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-20304",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20304"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2025-4090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4090"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2022-0667",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0667"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2019-2740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2740"
},
{
"name": "CVE-2025-9180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9180"
},
{
"name": "CVE-2025-8581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8581"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-1919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1919"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2025-3030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3030"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2018-1273",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1273"
},
{
"name": "CVE-2022-21297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21297"
},
{
"name": "CVE-2023-47100",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47100"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2020-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2901"
},
{
"name": "CVE-2025-0241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0241"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2020-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2694"
},
{
"name": "CVE-2025-8034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8034"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
},
{
"name": "CVE-2025-4664",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4664"
},
{
"name": "CVE-2021-2160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2160"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2021-35596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35596"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-49710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49710"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2021-2427",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2427"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2021-35624",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35624"
},
{
"name": "CVE-2019-2819",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2819"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2024-35867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
},
{
"name": "CVE-2022-21452",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21452"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2021-2164",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2164"
},
{
"name": "CVE-2021-2374",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2374"
},
{
"name": "CVE-2020-14547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14547"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2020-14870",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14870"
},
{
"name": "CVE-2025-9182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9182"
},
{
"name": "CVE-2021-35612",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35612"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-22047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22047"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2025-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
},
{
"name": "CVE-2019-2811",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2811"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2023-21874",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21874"
},
{
"name": "CVE-2024-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
},
{
"name": "CVE-2023-43785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43785"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2019-2774",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2774"
},
{
"name": "CVE-2019-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2803"
},
{
"name": "CVE-2008-5727",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5727"
},
{
"name": "CVE-2025-1426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1426"
},
{
"name": "CVE-2025-6434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6434"
},
{
"name": "CVE-2020-14785",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14785"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2020-2760",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2760"
},
{
"name": "CVE-2025-5066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5066"
},
{
"name": "CVE-2021-2424",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2424"
},
{
"name": "CVE-2021-35604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35604"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2019-2814",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2814"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2019-2606",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2606"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2024-0760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0760"
},
{
"name": "CVE-2022-21530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21530"
},
{
"name": "CVE-2024-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11698"
},
{
"name": "CVE-2024-46816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2020-14891",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14891"
},
{
"name": "CVE-2019-2966",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2966"
},
{
"name": "CVE-2022-21415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21415"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2021-2180",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2180"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2019-2780",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2780"
},
{
"name": "CVE-2025-5064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5064"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2021-35537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35537"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2021-2385",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2385"
},
{
"name": "CVE-2019-2530",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2530"
},
{
"name": "CVE-2019-2743",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2743"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2023-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22007"
},
{
"name": "CVE-2019-2737",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2737"
},
{
"name": "CVE-2018-1000169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000169"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2023-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21878"
},
{
"name": "CVE-2024-58251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
},
{
"name": "CVE-2025-1931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1931"
},
{
"name": "CVE-2025-0612",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0612"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2021-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2194"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2025-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7656"
},
{
"name": "CVE-2024-7012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7012"
},
{
"name": "CVE-2025-0237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0237"
},
{
"name": "CVE-2019-2991",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2991"
},
{
"name": "CVE-2025-5264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5264"
},
{
"name": "CVE-2025-37927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
},
{
"name": "CVE-2020-14804",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14804"
},
{
"name": "CVE-2013-1548",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1548"
},
{
"name": "CVE-2019-2752",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2752"
},
{
"name": "CVE-2025-37911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
},
{
"name": "CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"name": "CVE-2020-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2804"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2025-5115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5115"
},
{
"name": "CVE-2025-4085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4085"
},
{
"name": "CVE-2022-21302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21302"
},
{
"name": "CVE-2021-2412",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2412"
},
{
"name": "CVE-2019-2997",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2997"
},
{
"name": "CVE-2025-3028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3028"
},
{
"name": "CVE-2019-2746",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2746"
},
{
"name": "CVE-2025-9181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9181"
},
{
"name": "CVE-2025-6192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6192"
},
{
"name": "CVE-2025-2817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2817"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2025-5268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5268"
},
{
"name": "CVE-2022-21589",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21589"
},
{
"name": "CVE-2024-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2022-21517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21517"
},
{
"name": "CVE-2019-3004",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3004"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2019-2826",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2826"
},
{
"name": "CVE-2024-53128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53128"
},
{
"name": "CVE-2024-21198",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21198"
},
{
"name": "CVE-2020-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2928"
},
{
"name": "CVE-2025-37930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
},
{
"name": "CVE-2019-2914",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2914"
},
{
"name": "CVE-2020-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14844"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2024-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-2770",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2770"
},
{
"name": "CVE-2021-35608",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35608"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2021-2201",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2201"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2008-5729",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5729"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2023-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21883"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2019-2617",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2617"
},
{
"name": "CVE-2024-21201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21201"
},
{
"name": "CVE-2021-35647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35647"
},
{
"name": "CVE-2020-14559",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14559"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2025-1932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1932"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2022-21539",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21539"
},
{
"name": "CVE-2025-3072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3072"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-0451",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0451"
},
{
"name": "CVE-2022-21440",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21440"
},
{
"name": "CVE-2023-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21977"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2020-2761",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2761"
},
{
"name": "CVE-2022-21531",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21531"
},
{
"name": "CVE-2024-10458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10458"
},
{
"name": "CVE-2024-10463",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10463"
},
{
"name": "CVE-2021-2300",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2300"
},
{
"name": "CVE-2022-21304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21304"
},
{
"name": "CVE-2024-10468",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10468"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2021-2202",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2202"
},
{
"name": "CVE-2020-14873",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14873"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-11703",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11703"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2019-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2626"
},
{
"name": "CVE-2025-1010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1010"
},
{
"name": "CVE-2022-21479",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21479"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2024-49960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2023-46129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46129"
},
{
"name": "CVE-2024-10460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10460"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2019-3009",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3009"
},
{
"name": "CVE-2021-2307",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2307"
},
{
"name": "CVE-2025-8880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8880"
},
{
"name": "CVE-2020-2679",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2679"
},
{
"name": "CVE-2019-2938",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2938"
},
{
"name": "CVE-2025-37912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
},
{
"name": "CVE-2023-22070",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22070"
},
{
"name": "CVE-2023-39810",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39810"
},
{
"name": "CVE-2021-2014",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2014"
},
{
"name": "CVE-2021-2230",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2230"
},
{
"name": "CVE-2023-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21875"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2022-21515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21515"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2020-2897",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2897"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-1920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1920"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2025-4089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4089"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2020-2574",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2574"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2020-14769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14769"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2022-21527",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21527"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-31047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31047"
},
{
"name": "CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2016-2160",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2160"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-9179",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9179"
},
{
"name": "CVE-2021-23169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23169"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2021-35635",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35635"
},
{
"name": "CVE-2025-3068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3068"
},
{
"name": "CVE-2025-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3619"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-3031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3031"
},
{
"name": "CVE-2020-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2025-1016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1016"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-4096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4096"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2021-35610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35610"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2021-2429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2429"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-11700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11700"
},
{
"name": "CVE-2024-11708",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11708"
},
{
"name": "CVE-2025-38024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
},
{
"name": "CVE-2020-2922",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2922"
},
{
"name": "CVE-2020-2660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2660"
},
{
"name": "CVE-2022-49063",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
},
{
"name": "CVE-2024-21213",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21213"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2019-2969",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2969"
},
{
"name": "CVE-2025-0247",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0247"
},
{
"name": "CVE-2025-5263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5263"
},
{
"name": "CVE-2017-12195",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12195"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-35602",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35602"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2021-2146",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2146"
},
{
"name": "CVE-2024-11701",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11701"
},
{
"name": "CVE-2023-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21872"
},
{
"name": "CVE-2025-0443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0443"
},
{
"name": "CVE-2025-1019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1019"
},
{
"name": "CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2021-35577",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35577"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2020-14869",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14869"
},
{
"name": "CVE-2021-35646",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35646"
},
{
"name": "CVE-2022-21303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21303"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2020-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2579"
},
{
"name": "CVE-2019-2778",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2778"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-4052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4052"
},
{
"name": "CVE-2025-1941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1941"
},
{
"name": "CVE-2019-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2625"
},
{
"name": "CVE-2024-21219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21219"
},
{
"name": "CVE-2025-8044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8044"
},
{
"name": "CVE-2021-35607",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35607"
},
{
"name": "CVE-2019-2957",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2957"
},
{
"name": "CVE-2019-7317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7317"
},
{
"name": "CVE-2021-35625",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35625"
},
{
"name": "CVE-2025-38005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2024-21194",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21194"
},
{
"name": "CVE-2021-2174",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2174"
},
{
"name": "CVE-2025-7657",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7657"
},
{
"name": "CVE-2019-2494",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2494"
},
{
"name": "CVE-2025-8041",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8041"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2019-2911",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2911"
},
{
"name": "CVE-2019-2802",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2802"
},
{
"name": "CVE-2022-21414",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21414"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2021-2203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2203"
},
{
"name": "CVE-2019-2536",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2536"
},
{
"name": "CVE-2025-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3620"
},
{
"name": "CVE-2021-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2208"
},
{
"name": "CVE-2019-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2923"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2024-21196",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21196"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2022-21617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21617"
},
{
"name": "CVE-2021-2422",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2422"
},
{
"name": "CVE-2020-14790",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14790"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2022-21358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21358"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-37969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
},
{
"name": "CVE-2024-21199",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21199"
},
{
"name": "CVE-2019-2967",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2967"
},
{
"name": "CVE-2018-3186",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3186"
},
{
"name": "CVE-2022-48893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
},
{
"name": "CVE-2025-6435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6435"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2024-11692",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11692"
},
{
"name": "CVE-2020-2930",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2930"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2022-21608",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21608"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2021-2354",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2354"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-5189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5189"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-8901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8901"
},
{
"name": "CVE-2025-1020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1020"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2021-2367",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2367"
},
{
"name": "CVE-2025-0446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0446"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2021-35626",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35626"
},
{
"name": "CVE-2019-2535",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2535"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2025-0435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0435"
},
{
"name": "CVE-2021-2384",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2384"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2020-14799",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14799"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2021-35632",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35632"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2019-2796",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2796"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-21342",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21342"
},
{
"name": "CVE-2023-4156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4156"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2020-14793",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14793"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-0999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0999"
},
{
"name": "CVE-2025-1921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1921"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2021-2007",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2007"
},
{
"name": "CVE-2025-37923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2025-8882",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8882"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2019-2798",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2798"
},
{
"name": "CVE-2022-0213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0213"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2020-14789",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14789"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2021-2389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2389"
},
{
"name": "CVE-2023-21840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21840"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-8577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8577"
},
{
"name": "CVE-2024-11699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11699"
},
{
"name": "CVE-2019-2789",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2789"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2020-2893",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2893"
},
{
"name": "CVE-2020-14765",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14765"
},
{
"name": "CVE-2025-3277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3277"
},
{
"name": "CVE-2018-3137",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3137"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2022-21270",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21270"
},
{
"name": "CVE-2019-2784",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2784"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2025-4087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4087"
},
{
"name": "CVE-2025-2135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2135"
},
{
"name": "CVE-2018-3286",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3286"
},
{
"name": "CVE-2021-35648",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35648"
},
{
"name": "CVE-2023-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21963"
},
{
"name": "CVE-2025-37964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37964"
},
{
"name": "CVE-2025-3033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3033"
},
{
"name": "CVE-2025-8879",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8879"
},
{
"name": "CVE-2020-14866",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14866"
},
{
"name": "CVE-2024-46742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
},
{
"name": "CVE-2024-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
},
{
"name": "CVE-2021-2437",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2437"
},
{
"name": "CVE-2025-37915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
},
{
"name": "CVE-2021-4193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4193"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2021-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2193"
},
{
"name": "CVE-2024-11395",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11395"
},
{
"name": "CVE-2020-2577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2577"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2019-2758",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2758"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2019-2810",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2810"
},
{
"name": "CVE-2024-35790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2025-2137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2137"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-5419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5419"
},
{
"name": "CVE-2021-2418",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2418"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2019-2631",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2631"
},
{
"name": "CVE-2019-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2805"
},
{
"name": "CVE-2025-37991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2023-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21866"
},
{
"name": "CVE-2021-2411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2411"
},
{
"name": "CVE-2020-2790",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2790"
},
{
"name": "CVE-2023-52572",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52572"
},
{
"name": "CVE-2019-2623",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2623"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-6557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6557"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2021-35597",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35597"
},
{
"name": "CVE-2025-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1916"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2021-2425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2425"
},
{
"name": "CVE-2025-1006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1006"
},
{
"name": "CVE-2021-2390",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2390"
},
{
"name": "CVE-2022-21553",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21553"
},
{
"name": "CVE-2022-21451",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21451"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2022-21301",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21301"
},
{
"name": "CVE-2021-2001",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2001"
},
{
"name": "CVE-2024-27402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27402"
},
{
"name": "CVE-2021-2144",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2144"
},
{
"name": "CVE-2025-8582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8582"
},
{
"name": "CVE-2022-21264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21264"
},
{
"name": "CVE-2020-14836",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14836"
},
{
"name": "CVE-2021-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3875"
},
{
"name": "CVE-2021-2444",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2444"
},
{
"name": "CVE-2025-1933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1933"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2019-2785",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2785"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2025-1942",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1942"
},
{
"name": "CVE-2025-0239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0239"
},
{
"name": "CVE-2021-2301",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2301"
},
{
"name": "CVE-2019-2797",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2797"
},
{
"name": "CVE-2020-2903",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2903"
},
{
"name": "CVE-2020-10543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10543"
},
{
"name": "CVE-2022-21362",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21362"
},
{
"name": "CVE-2021-35628",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35628"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-5265",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5265"
},
{
"name": "CVE-2024-11697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11697"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2021-4122",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4122"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2019-2686",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2686"
},
{
"name": "CVE-2021-2154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2154"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2021-2399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2399"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-3067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3067"
},
{
"name": "CVE-2020-2627",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2627"
},
{
"name": "CVE-2022-21509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21509"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2005-2541",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-2541"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2025-46394",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2023-22028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22028"
},
{
"name": "CVE-2019-2946",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2946"
},
{
"name": "CVE-2025-8578",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8578"
},
{
"name": "CVE-2020-14888",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14888"
},
{
"name": "CVE-2025-8039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8039"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2025-1011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1011"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2021-2010",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2010"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2021-35546",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35546"
},
{
"name": "CVE-2021-2298",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2298"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2025-0442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0442"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2019-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2694"
},
{
"name": "CVE-2025-8580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8580"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-1930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1930"
},
{
"name": "CVE-2020-14809",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14809"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2021-2339",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2339"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2025-0997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0997"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2020-14550",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14550"
},
{
"name": "CVE-2021-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2162"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2018-3203",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3203"
},
{
"name": "CVE-2025-0441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0441"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2022-21457",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21457"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2019-2822",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2822"
},
{
"name": "CVE-2019-2502",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2502"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2024-21212",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21212"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2021-2032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2032"
},
{
"name": "CVE-2017-8046",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8046"
},
{
"name": "CVE-2019-2801",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2801"
},
{
"name": "CVE-2024-21193",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21193"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2019-3011",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3011"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2023-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21871"
},
{
"name": "CVE-2021-2356",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2356"
},
{
"name": "CVE-2020-2926",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2926"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2020-14846",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14846"
},
{
"name": "CVE-2022-21249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21249"
},
{
"name": "CVE-2024-21241",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21241"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
},
{
"name": "CVE-2021-2171",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2171"
},
{
"name": "CVE-2019-2436",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2436"
},
{
"name": "CVE-2022-21265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21265"
},
{
"name": "CVE-2022-21254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21254"
},
{
"name": "CVE-2025-1009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1009"
},
{
"name": "CVE-2025-9185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9185"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2024-11695",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11695"
},
{
"name": "CVE-2025-6433",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6433"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2019-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2513"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2020-14827",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14827"
},
{
"name": "CVE-2025-6427",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6427"
},
{
"name": "CVE-2019-2689",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2689"
},
{
"name": "CVE-2025-6430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6430"
},
{
"name": "CVE-2019-2747",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2747"
},
{
"name": "CVE-2025-4092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4092"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2020-2904",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2904"
},
{
"name": "CVE-2019-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2998"
},
{
"name": "CVE-2024-50280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
},
{
"name": "CVE-2021-2178",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2178"
},
{
"name": "CVE-2021-35591",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35591"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-0995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0995"
},
{
"name": "CVE-2025-6429",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6429"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2022-21455",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21455"
},
{
"name": "CVE-2024-11704",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11704"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2022-21413",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21413"
},
{
"name": "CVE-2022-0635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0635"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2022-21372",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21372"
},
{
"name": "CVE-2018-3182",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3182"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2020-12723",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12723"
},
{
"name": "CVE-2023-22032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22032"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2021-35637",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35637"
},
{
"name": "CVE-2022-21595",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21595"
},
{
"name": "CVE-2025-1943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1943"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2025-5272",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5272"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2021-20298",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20298"
},
{
"name": "CVE-2023-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21887"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2019-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2624"
},
{
"name": "CVE-2021-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22055"
},
{
"name": "CVE-2020-2812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2812"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2025-6556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6556"
},
{
"name": "CVE-2025-8262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8262"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2025-1917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1917"
},
{
"name": "CVE-2022-21256",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21256"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-37970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2019-2687",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2687"
},
{
"name": "CVE-2025-8292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8292"
},
{
"name": "CVE-2025-37905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
},
{
"name": "CVE-2025-0444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0444"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2020-14845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14845"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-38094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2022-21556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21556"
},
{
"name": "CVE-2025-4372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4372"
},
{
"name": "CVE-2024-11691",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11691"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2020-2896",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2896"
},
{
"name": "CVE-2021-2410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2410"
},
{
"name": "CVE-2025-29088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29088"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2025-6426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6426"
},
{
"name": "CVE-2020-14800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14800"
},
{
"name": "CVE-2025-6558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6558"
},
{
"name": "CVE-2025-8035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8035"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-37949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2023-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21873"
},
{
"name": "CVE-2021-2308",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2308"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2022-21368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21368"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2024-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
},
{
"name": "CVE-2025-8579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8579"
},
{
"name": "CVE-2021-2402",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2402"
},
{
"name": "CVE-2024-21236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21236"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2024-11705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11705"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21863"
},
{
"name": "CVE-2020-2763",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2763"
},
{
"name": "CVE-2008-5728",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5728"
},
{
"name": "CVE-2025-6436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6436"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2020-14852",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14852"
},
{
"name": "CVE-2019-2974",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2974"
},
{
"name": "CVE-2023-21876",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21876"
},
{
"name": "CVE-2024-11702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11702"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2025-8583",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8583"
},
{
"name": "CVE-2025-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4083"
},
{
"name": "CVE-2020-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14868"
},
{
"name": "CVE-2020-14814",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14814"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2020-14837",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14837"
},
{
"name": "CVE-2019-2644",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2644"
},
{
"name": "CVE-2025-1918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1918"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2020-2589",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2589"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2021-2036",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2036"
},
{
"name": "CVE-2024-21137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21137"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-21417",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21417"
},
{
"name": "CVE-2021-2479",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2479"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2024-21239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21239"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2021-35629",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35629"
},
{
"name": "CVE-2020-2814",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2814"
},
{
"name": "CVE-2019-2922",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2922"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2025-0243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0243"
},
{
"name": "CVE-2024-26739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2025-1935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1935"
},
{
"name": "CVE-2018-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3145"
},
{
"name": "CVE-2025-6425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6425"
},
{
"name": "CVE-2025-26519",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26519"
},
{
"name": "CVE-2021-2340",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2340"
},
{
"name": "CVE-2024-35866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
},
{
"name": "CVE-2022-21437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21437"
},
{
"name": "CVE-2022-21425",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21425"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2025-3074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3074"
},
{
"name": "CVE-2022-21537",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21537"
},
{
"name": "CVE-2024-10487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10487"
},
{
"name": "CVE-2019-2580",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2580"
},
{
"name": "CVE-2023-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21867"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2022-21547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21547"
},
{
"name": "CVE-2024-49989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
},
{
"name": "CVE-2019-2587",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2587"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2025-8043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8043"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2025-5270",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5270"
},
{
"name": "CVE-2021-35627",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35627"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-36908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
},
{
"name": "CVE-2019-2910",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2910"
},
{
"name": "CVE-2020-14539",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14539"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2019-2593",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2593"
},
{
"name": "CVE-2025-37992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2023-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21869"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-1940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1940"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2020-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2019-2963",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2963"
},
{
"name": "CVE-2021-2387",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2387"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2022-21348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21348"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2020-14672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14672"
},
{
"name": "CVE-2021-2293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2293"
},
{
"name": "CVE-2025-37914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
},
{
"name": "CVE-2020-14830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14830"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2025-8010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8010"
},
{
"name": "CVE-2021-2370",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2370"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2025-4082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4082"
},
{
"name": "CVE-2021-35644",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35644"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2022-21592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21592"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-8036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8036"
},
{
"name": "CVE-2021-35631",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35631"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-1915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1915"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-8032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8032"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2019-10782",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10782"
},
{
"name": "CVE-2024-11693",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11693"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14893"
},
{
"name": "CVE-2021-35642",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35642"
},
{
"name": "CVE-2023-43787",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43787"
},
{
"name": "CVE-2019-2948",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2948"
},
{
"name": "CVE-2023-43786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43786"
},
{
"name": "CVE-2021-2278",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2278"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2019-2924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2924"
},
{
"name": "CVE-2025-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3608"
},
{
"name": "CVE-2021-2226",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2226"
},
{
"name": "CVE-2021-25214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25214"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2020-2779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2779"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2023-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21836"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2025-6432",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6432"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2024-50258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50258"
},
{
"name": "CVE-2021-2342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2342"
},
{
"name": "CVE-2025-3029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3029"
},
{
"name": "CVE-2025-1934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1934"
},
{
"name": "CVE-2020-28500",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28500"
},
{
"name": "CVE-2020-14794",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14794"
},
{
"name": "CVE-2019-2634",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2634"
},
{
"name": "CVE-2025-3034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3034"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2023-22078",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22078"
},
{
"name": "CVE-2020-14786",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14786"
},
{
"name": "CVE-2023-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21870"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2025-9187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9187"
},
{
"name": "CVE-2021-35638",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35638"
},
{
"name": "CVE-2022-21534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21534"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-9183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9183"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2008-5742",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5742"
},
{
"name": "CVE-2024-10466",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10466"
},
{
"name": "CVE-2021-20193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20193"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2019-2533",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2533"
},
{
"name": "CVE-2025-4050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4050"
},
{
"name": "CVE-2025-37998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2020-14828",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14828"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"name": "CVE-2020-2759",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2759"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-1937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1937"
},
{
"name": "CVE-2020-14812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14812"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2025-9184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9184"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2025-1014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1014"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1013"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2023-21879",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21879"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-0762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0762"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-11694",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11694"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2020-2573",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2573"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2022-21444",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21444"
},
{
"name": "CVE-2025-1018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1018"
},
{
"name": "CVE-2020-2806",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2806"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2025-38009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2020-14838",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14838"
},
{
"name": "CVE-2019-2791",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2791"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2024-2397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2397"
},
{
"name": "CVE-2022-21378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21378"
},
{
"name": "CVE-2025-8040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8040"
},
{
"name": "CVE-2024-10465",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10465"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-5068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5068"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2019-2815",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2815"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2021-2440",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2440"
},
{
"name": "CVE-2025-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
},
{
"name": "CVE-2019-2695",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2695"
},
{
"name": "CVE-2021-35634",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35634"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2021-2304",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2304"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2021-2179",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2179"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2018-3285",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3285"
},
{
"name": "CVE-2019-2738",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2738"
},
{
"name": "CVE-2025-1017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1017"
},
{
"name": "CVE-2020-14821",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14821"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2021-2169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2169"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2023-22084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22084"
},
{
"name": "CVE-2020-2572",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2572"
},
{
"name": "CVE-2020-2570",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2570"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2021-2060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2060"
},
{
"name": "CVE-2021-2417",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2417"
},
{
"name": "CVE-2025-3035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3035"
},
{
"name": "CVE-2025-37994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
},
{
"name": "CVE-2025-7339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7339"
},
{
"name": "CVE-2018-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3212"
},
{
"name": "CVE-2020-2895",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2895"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21569",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21569"
},
{
"name": "CVE-2020-2925",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2925"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2019-2636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2636"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-6424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6424"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2021-35622",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35622"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-1914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1914"
},
{
"name": "CVE-2025-8029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8029"
},
{
"name": "CVE-2025-5067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5067"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2021-2212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2212"
},
{
"name": "CVE-2019-2691",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2691"
},
{
"name": "CVE-2021-2232",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2232"
},
{
"name": "CVE-2019-2812",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2812"
},
{
"name": "CVE-2025-9132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9132"
},
{
"name": "CVE-2021-35643",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35643"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-2478",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2478"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
},
{
"name": "CVE-2020-16156",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16156"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-8038",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8038"
},
{
"name": "CVE-2022-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21344"
},
{
"name": "CVE-2021-2481",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2481"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2019-2739",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2739"
},
{
"name": "CVE-2015-2214",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2214"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2019-2968",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2968"
},
{
"name": "CVE-2023-22053",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22053"
},
{
"name": "CVE-2025-0438",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0438"
},
{
"name": "CVE-2021-25219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25219"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2020-14776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14776"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2022-21367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21367"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2019-2688",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2688"
},
{
"name": "CVE-2020-14860",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14860"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2023-4320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4320"
},
{
"name": "CVE-2025-1922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1922"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2025-0437",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0437"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2025-8028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8028"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2025-49709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49709"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2024-11706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11706"
},
{
"name": "CVE-2025-4051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4051"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2017-12629",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12629"
},
{
"name": "CVE-2021-35645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35645"
},
{
"name": "CVE-2020-2780",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2780"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2025-5063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5063"
},
{
"name": "CVE-2018-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3195"
},
{
"name": "CVE-2025-3071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3071"
},
{
"name": "CVE-2024-50073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50073"
},
{
"name": "CVE-2020-14567",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14567"
},
{
"name": "CVE-2019-2539",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2539"
},
{
"name": "CVE-2022-21525",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21525"
},
{
"name": "CVE-2025-37990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
},
{
"name": "CVE-2022-21352",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21352"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-8011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8011"
},
{
"name": "CVE-2025-0436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0436"
},
{
"name": "CVE-2023-22114",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22114"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-0447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0447"
},
{
"name": "CVE-2021-2213",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2213"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2024-21209",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21209"
},
{
"name": "CVE-2025-8033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8033"
},
{
"name": "CVE-2021-22570",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22570"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
},
{
"name": "CVE-2023-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22097"
},
{
"name": "CVE-2020-2765",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2765"
},
{
"name": "CVE-2020-14791",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14791"
},
{
"name": "CVE-2023-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21880"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-8030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8030"
},
{
"name": "CVE-2024-11696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11696"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21912"
},
{
"name": "CVE-2008-5730",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5730"
},
{
"name": "CVE-2021-2217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2217"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2025-3073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3073"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2019-9658",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9658"
},
{
"name": "CVE-2025-6191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6191"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-21454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21454"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2018-1196",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1196"
},
{
"name": "CVE-2022-21427",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21427"
},
{
"name": "CVE-2024-35943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
},
{
"name": "CVE-2025-5271",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5271"
},
{
"name": "CVE-2022-21374",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21374"
},
{
"name": "CVE-2021-35630",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35630"
},
{
"name": "CVE-2025-6554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6554"
},
{
"name": "CVE-2025-5266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5266"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-52757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2020-14553",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14553"
},
{
"name": "CVE-2025-8031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8031"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2022-21462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21462"
},
{
"name": "CVE-2019-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2584"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2019-2635",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2635"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2022-21478",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21478"
},
{
"name": "CVE-2025-29087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29087"
},
{
"name": "CVE-2019-2693",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2693"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2019-2741",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2741"
},
{
"name": "CVE-2025-46392",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46392"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2022-21370",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21370"
},
{
"name": "CVE-2021-2372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2372"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2426"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-1936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1936"
},
{
"name": "CVE-2025-5958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5958"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2019-2950",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2950"
},
{
"name": "CVE-2025-0238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0238"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2021-35641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35641"
},
{
"name": "CVE-2025-2476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2476"
},
{
"name": "CVE-2019-2620",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2620"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-21588",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21588"
},
{
"name": "CVE-2019-2960",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2960"
},
{
"name": "CVE-2025-0998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0998"
},
{
"name": "CVE-2022-21459",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21459"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-37909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
},
{
"name": "CVE-2019-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2795"
},
{
"name": "CVE-2021-2011",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2011"
},
{
"name": "CVE-2022-21412",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21412"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2022-21245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21245"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2020-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2584"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2023-42366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
},
{
"name": "CVE-2019-2834",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2834"
},
{
"name": "CVE-2020-14775",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14775"
},
{
"name": "CVE-2022-21438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21438"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2020-14760",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14760"
},
{
"name": "CVE-2021-2383",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2383"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2022-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21546"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2025-1923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1923"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2021-2166",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2166"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2022-21339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21339"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1938"
},
{
"name": "CVE-2023-22059",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22059"
},
{
"name": "CVE-2020-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2923"
},
{
"name": "CVE-2025-4919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4919"
},
{
"name": "CVE-2019-2681",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2681"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-0240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0240"
},
{
"name": "CVE-2023-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22066"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2019-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2757"
},
{
"name": "CVE-2020-14848",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14848"
},
{
"name": "CVE-2018-3280",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3280"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2020-2924",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2924"
},
{
"name": "CVE-2025-8576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8576"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-1012",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1012"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2025-5267",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5267"
},
{
"name": "CVE-2022-27772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27772"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2025-6555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6555"
},
{
"name": "CVE-2022-0396",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0396"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2025-0245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0245"
},
{
"name": "CVE-2019-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2830"
},
{
"name": "CVE-2021-35633",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35633"
},
{
"name": "CVE-2024-10462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10462"
},
{
"name": "CVE-2023-22068",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22068"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2020-14867",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14867"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0756",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36093",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36093"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36102",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36102"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36101",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36101"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36100",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36100"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36105",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36105"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36091",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36091"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36078",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36078"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36107",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36107"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36094",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36094"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36097",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36097"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-46",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36104"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36108",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36108"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36095",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36095"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-09",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36090"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36096",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36096"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36106",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36106"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36109",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36109"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36098",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36098"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36111"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36103",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36103"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36099",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36099"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36092",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36092"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36110",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36110"
}
]
}
CERTFR-2024-AVI-0027
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | CTPView versions versions antérieures à 9.1R5 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved version antérieures à 20.4R2-EVO, 20.4R2-S2-EVO, 20.4R3-EVO, 20.4R3-S7-EVO, 21.1R2-EVO, 21.2R2-EVO, 21.2R3-S7-EVO, 21.3R2-EVO, 21.3R3-S5-EVO, 21.4R3-EVO, 21.4R3-S3-EVO, 21.4R3-S5-EVO, 21.4R3-S6-EVO, 22.1R3-EVO, 22.1R3-S2-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R2-S1-EVO, 22.2R2-S2-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.3R1-EVO, 22.3R2-EVO, 22.3R3-EVO, 22.3R3-S1-EVO, 22.4R1-EVO, 22.4R2-EVO, 22.4R2-S2-EVO, 22.4R3-EVO, 23.1R2-EVO, 23.2R1-EVO, 23.2R1-S1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.3R1-EVO et 23.4R1-EVO | ||
| Juniper Networks | N/A | Paragon Active Assurance versions antérieures à 3.1.2, 3.2.3, 3.3.2 et 3.4.1 | ||
| Juniper Networks | Junos OS | Junos OS version antérieures à 20.4R3-S3, 20.4R3-S6, 20.4R3-S7, 20.4R3-S8, 20.4R3-S9, 21.1R3-S4, 21.1R3-S5, 21.2R3, 21.2R3-S3, 21.2R3-S4, 21.2R3-S5, 21.2R3-S6, 21.2R3-S7, 21.3R2-S1, 21.3R3, 21.3R3-S3, 21.3R3-S4, 21.3R3-S5, 21.4R2, 21.4R3, 21.4R3-S3, 21.4R3-S4, 21.4R3-S5, 22.1R2, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.1R3-S2, 22.1R3-S3, 22.1R3-S4, 22.2R1, 22.2R2, 22.2R2-S1, 22.2R2-S2, 22.2R3, 22.2R3-S1, 22.2R3-S2, 22.2R3-S3, 22.3R1, 22.3R2, 22.3R2-S1, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.4R1, 22.4R1-S2, 22.4R2, 22.4R2-S1, 22.4R2-S2, 22.4R3, 23.1R1, 23.1R2, 23.2R1, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.3R1 et 23.4R1 | ||
| Juniper Networks | Session Smart Router | Session Smart Router versions antérieures à SSR-6.2.3-r2 | ||
| Juniper Networks | N/A | Security Director Insights versions antérieures à 23.1R1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CTPView versions versions ant\u00e9rieures \u00e0 9.1R5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved version ant\u00e9rieures \u00e0 20.4R2-EVO, 20.4R2-S2-EVO, 20.4R3-EVO, 20.4R3-S7-EVO, 21.1R2-EVO, 21.2R2-EVO, 21.2R3-S7-EVO, 21.3R2-EVO, 21.3R3-S5-EVO, 21.4R3-EVO, 21.4R3-S3-EVO, 21.4R3-S5-EVO, 21.4R3-S6-EVO, 22.1R3-EVO, 22.1R3-S2-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R2-S1-EVO, 22.2R2-S2-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.3R1-EVO, 22.3R2-EVO, 22.3R3-EVO, 22.3R3-S1-EVO, 22.4R1-EVO, 22.4R2-EVO, 22.4R2-S2-EVO, 22.4R3-EVO, 23.1R2-EVO, 23.2R1-EVO, 23.2R1-S1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.3R1-EVO et 23.4R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Paragon Active Assurance versions ant\u00e9rieures \u00e0 3.1.2, 3.2.3, 3.3.2 et 3.4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS version ant\u00e9rieures \u00e0 20.4R3-S3, 20.4R3-S6, 20.4R3-S7, 20.4R3-S8, 20.4R3-S9, 21.1R3-S4, 21.1R3-S5, 21.2R3, 21.2R3-S3, 21.2R3-S4, 21.2R3-S5, 21.2R3-S6, 21.2R3-S7, 21.3R2-S1, 21.3R3, 21.3R3-S3, 21.3R3-S4, 21.3R3-S5, 21.4R2, 21.4R3, 21.4R3-S3, 21.4R3-S4, 21.4R3-S5, 22.1R2, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.1R3-S2, 22.1R3-S3, 22.1R3-S4, 22.2R1, 22.2R2, 22.2R2-S1, 22.2R2-S2, 22.2R3, 22.2R3-S1, 22.2R3-S2, 22.2R3-S3, 22.3R1, 22.3R2, 22.3R2-S1, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.4R1, 22.4R1-S2, 22.4R2, 22.4R2-S1, 22.4R2-S2, 22.4R3, 23.1R1, 23.1R2, 23.2R1, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.3R1 et 23.4R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions ant\u00e9rieures \u00e0 SSR-6.2.3-r2",
"product": {
"name": "Session Smart Router",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Security Director Insights versions ant\u00e9rieures \u00e0 23.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3707"
},
{
"name": "CVE-2024-21602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21602"
},
{
"name": "CVE-2022-41974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41974"
},
{
"name": "CVE-2023-38802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38802"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2022-42720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42720"
},
{
"name": "CVE-2022-30594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30594"
},
{
"name": "CVE-2022-41973",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41973"
},
{
"name": "CVE-2023-0461",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0461"
},
{
"name": "CVE-2024-21616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21616"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2023-2235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2235"
},
{
"name": "CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-2964",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2964"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2023-1281",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1281"
},
{
"name": "CVE-2024-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21599"
},
{
"name": "CVE-2022-47929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
},
{
"name": "CVE-2022-3628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3628"
},
{
"name": "CVE-2024-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21614"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-26464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26464"
},
{
"name": "CVE-2020-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0466"
},
{
"name": "CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"name": "CVE-2022-4269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
},
{
"name": "CVE-2022-42703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42703"
},
{
"name": "CVE-2024-21607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21607"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2023-0266",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0266"
},
{
"name": "CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"name": "CVE-2022-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39189"
},
{
"name": "CVE-2022-3239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3239"
},
{
"name": "CVE-2022-43750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43750"
},
{
"name": "CVE-2022-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3567"
},
{
"name": "CVE-2023-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2828"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"name": "CVE-2024-21596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21596"
},
{
"name": "CVE-2022-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3564"
},
{
"name": "CVE-2021-33656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33656"
},
{
"name": "CVE-2023-1582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1582"
},
{
"name": "CVE-2022-4129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4129"
},
{
"name": "CVE-2022-41218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41218"
},
{
"name": "CVE-2023-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2194"
},
{
"name": "CVE-2024-21604",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21604"
},
{
"name": "CVE-2023-32360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
},
{
"name": "CVE-2022-0934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0934"
},
{
"name": "CVE-2020-9493",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9493"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2022-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2196"
},
{
"name": "CVE-2021-39275",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39275"
},
{
"name": "CVE-2022-42896",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42896"
},
{
"name": "CVE-2022-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21699"
},
{
"name": "CVE-2024-21600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21600"
},
{
"name": "CVE-2021-33655",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33655"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2022-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
},
{
"name": "CVE-2023-23920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
},
{
"name": "CVE-2023-20593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
},
{
"name": "CVE-2024-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21606"
},
{
"name": "CVE-2022-0330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0330"
},
{
"name": "CVE-2022-41222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41222"
},
{
"name": "CVE-2016-10009",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10009"
},
{
"name": "CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"name": "CVE-2022-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2663"
},
{
"name": "CVE-2023-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
},
{
"name": "CVE-2024-21591",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21591"
},
{
"name": "CVE-2020-12321",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12321"
},
{
"name": "CVE-2022-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23307"
},
{
"name": "CVE-2022-3524",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3524"
},
{
"name": "CVE-2022-39188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39188"
},
{
"name": "CVE-2023-3341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3341"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2022-43945",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43945"
},
{
"name": "CVE-2022-3625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3625"
},
{
"name": "CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"name": "CVE-2024-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21587"
},
{
"name": "CVE-2022-42721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42721"
},
{
"name": "CVE-2022-4378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4378"
},
{
"name": "CVE-2022-4254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4254"
},
{
"name": "CVE-2024-21617",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21617"
},
{
"name": "CVE-2023-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1195"
},
{
"name": "CVE-2024-21589",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21589"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2023-22809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22809"
},
{
"name": "CVE-2022-20141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20141"
},
{
"name": "CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2024-21595",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21595"
},
{
"name": "CVE-2021-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
},
{
"name": "CVE-2021-3621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3621"
},
{
"name": "CVE-2023-0394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0394"
},
{
"name": "CVE-2022-22164",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22164"
},
{
"name": "CVE-2024-21597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21597"
},
{
"name": "CVE-2021-3752",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3752"
},
{
"name": "CVE-2023-0386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0386"
},
{
"name": "CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"name": "CVE-2021-26341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26341"
},
{
"name": "CVE-2022-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38023"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2022-1679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1679"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2023-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
},
{
"name": "CVE-2022-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3619"
},
{
"name": "CVE-2021-0920",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0920"
},
{
"name": "CVE-2023-1829",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
},
{
"name": "CVE-2022-25265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25265"
},
{
"name": "CVE-2022-1789",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1789"
},
{
"name": "CVE-2022-2873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2873"
},
{
"name": "CVE-2022-3623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3623"
},
{
"name": "CVE-2024-21611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21611"
},
{
"name": "CVE-2024-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21613"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2024-21612",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21612"
},
{
"name": "CVE-2022-42722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42722"
},
{
"name": "CVE-2024-21603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21603"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2024-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21585"
},
{
"name": "CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2021-44790",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44790"
},
{
"name": "CVE-2023-36842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36842"
},
{
"name": "CVE-2022-4139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4139"
},
{
"name": "CVE-2024-21594",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21594"
},
{
"name": "CVE-2022-3028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3028"
},
{
"name": "CVE-2022-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3566"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2022-41674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41674"
},
{
"name": "CVE-2024-21601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21601"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
},
{
"name": "CVE-2020-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0465"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0027",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-01-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75723 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-rpd-process-crash-due-to-BGP-flap-on-NSR-enabled-devices-CVE-2024-21585"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75741 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-PTX-Series-In-an-FTI-scenario-MPLS-packets-hitting-reject-next-hop-will-cause-a-host-path-wedge-condition-CVE-2024-21600"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75752 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-jflow-scenario-continuous-route-churn-will-cause-a-memory-leak-and-eventually-an-rpd-crash-CVE-2024-21611"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75757 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Processing-of-a-specific-SIP-packet-causes-NAT-IP-allocation-to-fail-CVE-2024-21616"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75730 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-jdhcpd-will-hang-on-receiving-a-specific-DHCP-packet-CVE-2023-36842"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75734 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-EX4100-EX4400-EX4600-and-QFX5000-Series-A-high-rate-of-specific-ICMP-traffic-will-cause-the-PFE-to-hang-CVE-2024-21595"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75737 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Security-Director-Insights-Multiple-vulnerabilities-in-SDI"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75721 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-IPython-privilege-escalation-vulnerability-CVE-2022-21699"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75736 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-CTPView-Multiple-vulnerabilities-in-CTPView-CVE-yyyy-nnnn"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75747 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-Series-flowd-will-crash-when-tcp-encap-is-enabled-and-specific-packets-are-received-CVE-2024-21606"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75758 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-BGP-flap-on-NSR-enabled-devices-causes-memory-leak-CVE-2024-21617"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11272 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2022-01-Security-Bulletin-Junos-OS-Evolved-Telnet-service-may-be-enabled-when-it-is-expected-to-be-disabled-CVE-2022-22164"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75727 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Paragon-Active-Assurance-Control-Center-Information-disclosure-vulnerability-CVE-2024-21589"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75233 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Session-Smart-Router-Multiple-vulnerabilities-resolved"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75754 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-link-flap-causes-patroot-memory-leak-which-leads-to-rpd-crash-CVE-2024-21613"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75753 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-Specific-TCP-traffic-causes-OFP-core-and-restart-of-RE-CVE-2024-21612"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75742 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-Series-Due-to-an-error-in-processing-TCP-events-flowd-will-crash-CVE-2024-21601"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75740 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-MPC3E-memory-leak-with-PTP-configuration-CVE-2024-21599"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75748 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-and-EX9200-Series-If-the-tcp-reset-option-used-in-an-IPv6-filter-matched-packets-are-accepted-instead-of-rejected-CVE-2024-21607"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75744 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-Gathering-statistics-in-a-scaled-SCU-DCU-configuration-will-lead-to-a-device-crash-CVE-2024-21603"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75743 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-ACX7024-ACX7100-32C-and-ACX7100-48L-Traffic-stops-when-a-specific-IPv4-UDP-packet-is-received-by-the-RE-CVE-2024-21602"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75738 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-In-an-AF-scenario-traffic-can-bypass-configured-lo0-firewall-filters-CVE-2024-21597"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75733 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-5000-Series-Repeated-execution-of-a-specific-CLI-command-causes-a-flowd-crash-CVE-2024-21594"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75725 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Memory-leak-in-bbe-smgd-process-if-BFD-liveness-detection-for-DHCP-subscribers-is-enabled-CVE-2024-21587"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75755 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-specific-query-via-DREND-causes-rpd-crash-CVE-2024-21614"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75735 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-specific-BGP-UPDATE-message-will-cause-a-crash-in-the-backup-Routing-Engine-CVE-2024-21596"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75745 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-A-high-rate-of-specific-traffic-will-cause-a-complete-system-outage-CVE-2024-21604"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75729 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Security-Vulnerability-in-J-web-allows-a-preAuth-Remote-Code-Execution-CVE-2024-21591"
}
]
}
CERTFR-2022-AVI-056
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Oracle WebLogic Server. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle WebLogic Server versions 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 et 14.1.1.0.0",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2022-21371",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21371"
},
{
"name": "CVE-2022-21252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21252"
},
{
"name": "CVE-2020-13956",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13956"
},
{
"name": "CVE-2022-21292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21292"
},
{
"name": "CVE-2020-2934",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2934"
},
{
"name": "CVE-2022-21257",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21257"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2022-21347",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21347"
},
{
"name": "CVE-2022-21361",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21361"
},
{
"name": "CVE-2022-21260",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21260"
},
{
"name": "CVE-2022-21258",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21258"
},
{
"name": "CVE-2021-27568",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27568"
},
{
"name": "CVE-2018-1324",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1324"
},
{
"name": "CVE-2022-21259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21259"
},
{
"name": "CVE-2019-10219",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10219"
},
{
"name": "CVE-2022-21353",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21353"
},
{
"name": "CVE-2022-21306",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21306"
},
{
"name": "CVE-2022-21350",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21350"
},
{
"name": "CVE-2022-21262",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21262"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2022-21386",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21386"
},
{
"name": "CVE-2022-21261",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21261"
},
{
"name": "CVE-2020-5258",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5258"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-056",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-01-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle WebLogic\nServer. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle WebLogic Server",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2022.html du 18 janvier 2022",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html#AppendixFMW"
}
]
}
CERTFR-2022-AVI-960
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.5.0 Update Package Interim Fix 02 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.4.3 Fix Pack 7 | ||
| IBM | WebSphere | IBM WebSphere Application Server Liberty 17.0.0.3 à 22.0.0.11 sans le correctif de sécurité temporaire PH49719 (la version 22.0.0.12 est prévue au quatrième trimestre 2022) |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.5.0 Update Package Interim Fix 02",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.4.3 Fix Pack 7",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server Liberty 17.0.0.3 \u00e0 22.0.0.11 sans le correctif de s\u00e9curit\u00e9 temporaire PH49719 (la version 22.0.0.12 est pr\u00e9vue au quatri\u00e8me trimestre 2022)",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2022-37734",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37734"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-960",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6832094 du 26 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6832094"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6832160 du 26 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6832160"
}
]
}
CERTFR-2022-AVI-125
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits SAP. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SAP | N/A | SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel) versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49 | ||
| SAP | N/A | SAP Business Objects Web Intelligence (BI Launchpad) version 420 | ||
| SAP | N/A | SAP S/4HANA versions 100, 101, 102, 103, 104, 105 et 106 | ||
| SAP | N/A | SAP Content Server version 7.53 | ||
| SAP | N/A | SAP 3D Visual Enterprise Viewer version 9.0 | ||
| SAP | N/A | SAP Web Dispatcher versions 7.49, 7.53, 7.77, 7.81, 7.85, 7.22EXT, 7.86 et 7.87 | ||
| SAP | N/A | SAP NetWeaver and ABAP Platform versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49 | ||
| SAP | N/A | SAP Solution Manager (Diagnostics Root Cause Analysis Tools) version 720 | ||
| SAP | N/A | SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer) versions 104, 105 et 106 | ||
| SAP | N/A | SAP Business Client version 6.5 | ||
| SAP | N/A | SAP Commerce versions 1905, 2005, 2105 et 2011 | ||
| SAP | N/A | SAP Adaptive Server Enterprise version 16.0 | ||
| SAP | N/A | SAP Data Intelligence version 3 | ||
| SAP | N/A | SAP NetWeaver AS ABAP (Workplace Server) versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756 et 787 | ||
| SAP | N/A | Internet of Things Edge Platform version 4.0 | ||
| SAP | N/A | SAP NetWeaver Application Server Java versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49 et 7.53 | ||
| SAP | N/A | SAP NetWeaver (ABAP and Java application Servers) versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755 et 756 | ||
| SAP | N/A | SAP Dynamic Authorization Management version 9.1.0.0 et 2021.03 | ||
| SAP | N/A | SAP ERP HCM (Portugal) versions 600, 604 et 608 | ||
| SAP | N/A | SAP Customer Checkout version 2 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel) versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Business Objects Web Intelligence (BI Launchpad) version 420",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP S/4HANA versions 100, 101, 102, 103, 104, 105 et 106",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Content Server version 7.53",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP 3D Visual Enterprise Viewer version 9.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Web Dispatcher versions 7.49, 7.53, 7.77, 7.81, 7.85, 7.22EXT, 7.86 et 7.87",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver and ABAP Platform versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Solution Manager (Diagnostics Root Cause Analysis Tools) version 720",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer) versions 104, 105 et 106",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Business Client version 6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Commerce versions 1905, 2005, 2105 et 2011",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Adaptive Server Enterprise version 16.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Data Intelligence version 3",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver AS ABAP (Workplace Server) versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756 et 787",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "Internet of Things Edge Platform version 4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver Application Server Java versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49 et 7.53",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP NetWeaver (ABAP and Java application Servers) versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755 et 756",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Dynamic Authorization Management version 9.1.0.0 et 2021.03",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP ERP HCM (Portugal) versions 600, 604 et 608",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
},
{
"description": "SAP Customer Checkout version 2",
"product": {
"name": "N/A",
"vendor": {
"name": "SAP",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-22544",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22544"
},
{
"name": "CVE-2022-22531",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22531"
},
{
"name": "CVE-2022-22543",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22543"
},
{
"name": "CVE-2022-22535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22535"
},
{
"name": "CVE-2022-22536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22536"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2022-22528",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22528"
},
{
"name": "CVE-2022-22539",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22539"
},
{
"name": "CVE-2022-22532",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22532"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2022-22530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22530"
},
{
"name": "CVE-2022-22546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22546"
},
{
"name": "CVE-2022-22538",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22538"
},
{
"name": "CVE-2022-22540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22540"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2022-22537",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22537"
},
{
"name": "CVE-2022-22542",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22542"
},
{
"name": "CVE-2022-22534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22534"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-125",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-02-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SAP du 09 f\u00e9vrier 2022",
"url": "https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+February+2022"
}
]
}
CERTFR-2022-AVI-366
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Oracle PeopleSoft. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | PeopleSoft | PeopleSoft Enterprise PRTL Interaction Hub version 9.1 | ||
| Oracle | PeopleSoft | PeopleSoft Enterprise PeopleTools version 8.58 | ||
| Oracle | PeopleSoft | PeopleSoft Enterprise PeopleTools version 8.59 | ||
| Oracle | PeopleSoft | PeopleSoft Enterprise CS Academic Advisement version 9.2 | ||
| Oracle | PeopleSoft | PeopleSoft Enterprise FIN Cash Management version 9.2 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "PeopleSoft Enterprise PRTL Interaction Hub version 9.1",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "PeopleSoft Enterprise PeopleTools version 8.58",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "PeopleSoft Enterprise PeopleTools version 8.59",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "PeopleSoft Enterprise CS Academic Advisement version 9.2",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "PeopleSoft Enterprise FIN Cash Management version 9.2",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-21470",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21470"
},
{
"name": "CVE-2021-40690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40690"
},
{
"name": "CVE-2022-21447",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21447"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2022-21458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21458"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2021-37714",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37714"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2021-44533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44533"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2021-41165",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41165"
},
{
"name": "CVE-2022-21450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21450"
},
{
"name": "CVE-2021-3518",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3518"
},
{
"name": "CVE-2022-21481",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21481"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-366",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-04-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle PeopleSoft.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni\nde service \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle PeopleSoft",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle verbose cpuapr2022 du 19 avril 2022",
"url": "https://www.oracle.com/security-alerts/cpuapr2022verbose.html#PS"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2022 du 19 avril 2022",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixPS"
}
]
}
CERTFR-2022-AVI-056
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Oracle WebLogic Server. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle WebLogic Server versions 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 et 14.1.1.0.0",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2022-21371",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21371"
},
{
"name": "CVE-2022-21252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21252"
},
{
"name": "CVE-2020-13956",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13956"
},
{
"name": "CVE-2022-21292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21292"
},
{
"name": "CVE-2020-2934",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2934"
},
{
"name": "CVE-2022-21257",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21257"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2022-21347",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21347"
},
{
"name": "CVE-2022-21361",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21361"
},
{
"name": "CVE-2022-21260",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21260"
},
{
"name": "CVE-2022-21258",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21258"
},
{
"name": "CVE-2021-27568",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27568"
},
{
"name": "CVE-2018-1324",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1324"
},
{
"name": "CVE-2022-21259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21259"
},
{
"name": "CVE-2019-10219",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10219"
},
{
"name": "CVE-2022-21353",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21353"
},
{
"name": "CVE-2022-21306",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21306"
},
{
"name": "CVE-2022-21350",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21350"
},
{
"name": "CVE-2022-21262",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21262"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2022-21386",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21386"
},
{
"name": "CVE-2022-21261",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21261"
},
{
"name": "CVE-2020-5258",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5258"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-056",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-01-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle WebLogic\nServer. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle WebLogic Server",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2022.html du 18 janvier 2022",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html#AppendixFMW"
}
]
}
RHSA-2022:0230
Vulnerability from csaf_redhat - Published: 2022-01-21 19:04 - Updated: 2025-11-21 18:28Summary
Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.2.6)
Notes
Topic
An update is now available for OpenShift Logging (5.2.6)
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
OpenShift Logging Bug Fix Release (5.2.6)
Security Fix(es):
* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for OpenShift Logging (5.2.6)\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Logging Bug Fix Release (5.2.6)\n\nSecurity Fix(es):\n\n* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0230",
"url": "https://access.redhat.com/errata/RHSA-2022:0230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1940613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "LOG-2104",
"url": "https://issues.redhat.com/browse/LOG-2104"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0230.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.2.6)",
"tracking": {
"current_release_date": "2025-11-21T18:28:03+00:00",
"generator": {
"date": "2025-11-21T18:28:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0230",
"initial_release_date": "2022-01-21T19:04:46+00:00",
"revision_history": [
{
"date": "2022-01-21T19:04:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-21T19:04:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:28:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Logging 5.2",
"product": {
"name": "OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.2.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.2.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-104"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-71"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-73"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-100"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-99"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-104"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-110"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.2.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.2.6-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.2.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.2.6-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-104"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-71"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-73"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-100"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-99"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-104"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-110"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.2.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.2.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-104"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-71"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-73"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-100"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-99"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-104"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-110"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-27292",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-03-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1940613"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `ua-parser-js`. If a supplied user agent matches the `Noble` string and contains many spaces then the regex will conduct backtracking, taking an ever increasing amount of time depending on the number of spaces supplied. An attacker can use this vulnerability to potentially craft a malicious user agent resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While some components do package a vulnerable version of ua-parser-js, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM) \n - Red Hat OpenShift Jaeger (RHOSJ)\n - Red Hat OpenShift Logging\n\nThe OCP presto-container does ship the vulnerable component, however since OCP 4.6 the Metering product has been deprecated [1], set as wont-fix and may be fixed in a future release.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships graphql-tools that pulls 0.7.23 version of ua-parser-js that uses the affected code.\n\n[1] - https://access.redhat.com/solutions/5707561",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-27292"
},
{
"category": "external",
"summary": "RHBZ#1940613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-27292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27292"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292"
},
{
"category": "external",
"summary": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76",
"url": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76"
}
],
"release_date": "2021-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-21T19:04:46+00:00",
"details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.2, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0230"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-21T19:04:46+00:00",
"details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.2, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0230"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022:0138
Vulnerability from csaf_redhat - Published: 2022-01-13 15:25 - Updated: 2025-11-21 18:27Summary
Red Hat Security Advisory: Red Hat AMQ Streams 2.0.0 release and security update
Notes
Topic
Red Hat AMQ Streams 2.0.0 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency.
This release of Red Hat AMQ Streams 2.0.0 serves as a replacement for Red Hat AMQ Streams 1.8.4, and includes security and bug fixes, and enhancements.
Security Fix(es):
* jetty: crafted URIs allow bypassing security constraints (CVE-2021-34429)
* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)
* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)
* Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AMQ Streams 2.0.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 2.0.0 serves as a replacement for Red Hat AMQ Streams 1.8.4, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* jetty: crafted URIs allow bypassing security constraints (CVE-2021-34429)\n\n* netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0138",
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=2.0.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=2.0.0"
},
{
"category": "external",
"summary": "1985223",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985223"
},
{
"category": "external",
"summary": "2004133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
},
{
"category": "external",
"summary": "2004135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
},
{
"category": "external",
"summary": "2009041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009041"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0138.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AMQ Streams 2.0.0 release and security update",
"tracking": {
"current_release_date": "2025-11-21T18:27:51+00:00",
"generator": {
"date": "2025-11-21T18:27:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0138",
"initial_release_date": "2022-01-13T15:25:07+00:00",
"revision_history": [
{
"date": "2022-01-13T15:25:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-13T15:25:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:27:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AMQ Streams 2.0.0",
"product": {
"name": "Red Hat AMQ Streams 2.0.0",
"product_id": "Red Hat AMQ Streams 2.0.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:2"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss AMQ"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-34429",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1985223"
}
],
"notes": [
{
"category": "description",
"text": "For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 \u0026 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: crafted URIs allow bypassing security constraints",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OCP 3.11 is out of the support scope for Moderate and Low impact vulnerabilities because is already in the Maintenance Support phase, hence the affected OCP 3.11 component has been marked as \"ooss\".\n\nRed Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34429"
},
{
"category": "external",
"summary": "RHBZ#1985223",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985223"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34429"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34429",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34429"
}
],
"release_date": "2021-07-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty: crafted URIs allow bypassing security constraints"
},
{
"cve": "CVE-2021-37136",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004133"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of netty-codec package. Since the release of OCP 4.6, the Metering product has been deprecated [1], so the affected components are marked as wontfix. This may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37136"
},
{
"category": "external",
"summary": "RHBZ#2004133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
}
],
"release_date": "2021-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data"
},
{
"cve": "CVE-2021-37137",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004135"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netty\u0027s netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37137"
},
{
"category": "external",
"summary": "RHBZ#2004135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
}
],
"release_date": "2021-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way"
},
{
"cve": "CVE-2021-38153",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2021-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2009041"
}
],
"notes": [
{
"category": "description",
"text": "Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0.0 or higher where this vulnerability has been fixed. The affected versions include Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.6.0, 2.6.1, 2.6.2, 2.7.0, 2.7.1, and 2.8.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-38153"
},
{
"category": "external",
"summary": "RHBZ#2009041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38153"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-38153",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38153"
}
],
"release_date": "2021-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
}
]
}
RHSA-2022:0216
Vulnerability from csaf_redhat - Published: 2022-01-20 16:00 - Updated: 2025-11-21 18:28Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0216",
"url": "https://access.redhat.com/errata/RHSA-2022:0216"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/6577421",
"url": "https://access.redhat.com/solutions/6577421"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0216.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update",
"tracking": {
"current_release_date": "2025-11-21T18:28:01+00:00",
"generator": {
"date": "2025-11-21T18:28:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0216",
"initial_release_date": "2022-01-20T16:00:06+00:00",
"revision_history": [
{
"date": "2022-01-20T16:00:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-23T23:11:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:28:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "Red Hat JBoss Enterprise Application Platform 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T16:00:06+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0216"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T16:00:06+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0216"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T16:00:06+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0216"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022_1297
Vulnerability from csaf_redhat - Published: 2022-04-11 13:00 - Updated: 2024-11-26 02:52Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.4 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)
* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:1297",
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2031667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "external",
"summary": "JBEAP-22105",
"url": "https://issues.redhat.com/browse/JBEAP-22105"
},
{
"category": "external",
"summary": "JBEAP-22385",
"url": "https://issues.redhat.com/browse/JBEAP-22385"
},
{
"category": "external",
"summary": "JBEAP-22731",
"url": "https://issues.redhat.com/browse/JBEAP-22731"
},
{
"category": "external",
"summary": "JBEAP-22738",
"url": "https://issues.redhat.com/browse/JBEAP-22738"
},
{
"category": "external",
"summary": "JBEAP-22819",
"url": "https://issues.redhat.com/browse/JBEAP-22819"
},
{
"category": "external",
"summary": "JBEAP-22839",
"url": "https://issues.redhat.com/browse/JBEAP-22839"
},
{
"category": "external",
"summary": "JBEAP-22864",
"url": "https://issues.redhat.com/browse/JBEAP-22864"
},
{
"category": "external",
"summary": "JBEAP-22900",
"url": "https://issues.redhat.com/browse/JBEAP-22900"
},
{
"category": "external",
"summary": "JBEAP-22904",
"url": "https://issues.redhat.com/browse/JBEAP-22904"
},
{
"category": "external",
"summary": "JBEAP-22911",
"url": "https://issues.redhat.com/browse/JBEAP-22911"
},
{
"category": "external",
"summary": "JBEAP-22912",
"url": "https://issues.redhat.com/browse/JBEAP-22912"
},
{
"category": "external",
"summary": "JBEAP-22913",
"url": "https://issues.redhat.com/browse/JBEAP-22913"
},
{
"category": "external",
"summary": "JBEAP-22935",
"url": "https://issues.redhat.com/browse/JBEAP-22935"
},
{
"category": "external",
"summary": "JBEAP-22945",
"url": "https://issues.redhat.com/browse/JBEAP-22945"
},
{
"category": "external",
"summary": "JBEAP-22973",
"url": "https://issues.redhat.com/browse/JBEAP-22973"
},
{
"category": "external",
"summary": "JBEAP-23038",
"url": "https://issues.redhat.com/browse/JBEAP-23038"
},
{
"category": "external",
"summary": "JBEAP-23040",
"url": "https://issues.redhat.com/browse/JBEAP-23040"
},
{
"category": "external",
"summary": "JBEAP-23045",
"url": "https://issues.redhat.com/browse/JBEAP-23045"
},
{
"category": "external",
"summary": "JBEAP-23101",
"url": "https://issues.redhat.com/browse/JBEAP-23101"
},
{
"category": "external",
"summary": "JBEAP-23105",
"url": "https://issues.redhat.com/browse/JBEAP-23105"
},
{
"category": "external",
"summary": "JBEAP-23143",
"url": "https://issues.redhat.com/browse/JBEAP-23143"
},
{
"category": "external",
"summary": "JBEAP-23177",
"url": "https://issues.redhat.com/browse/JBEAP-23177"
},
{
"category": "external",
"summary": "JBEAP-23323",
"url": "https://issues.redhat.com/browse/JBEAP-23323"
},
{
"category": "external",
"summary": "JBEAP-23373",
"url": "https://issues.redhat.com/browse/JBEAP-23373"
},
{
"category": "external",
"summary": "JBEAP-23374",
"url": "https://issues.redhat.com/browse/JBEAP-23374"
},
{
"category": "external",
"summary": "JBEAP-23375",
"url": "https://issues.redhat.com/browse/JBEAP-23375"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1297.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.4 security update",
"tracking": {
"current_release_date": "2024-11-26T02:52:57+00:00",
"generator": {
"date": "2024-11-26T02:52:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:1297",
"initial_release_date": "2022-04-11T13:00:18+00:00",
"revision_history": [
{
"date": "2022-04-11T13:00:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-04-11T13:00:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-26T02:52:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.6-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xom@1.3.7-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.9-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.16-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"product_id": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.25-1.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.11.4-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-7.redhat_00034.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.11-1.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"product_id": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-objectweb-asm@9.1.0-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.15-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.16-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.10-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"product_id": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ecj@3.26.0-1.redhat_00002.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.4-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl@2.2.0-3.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-el8-x86_64@2.2.0-2.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-15.Final_redhat_00014.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.4-3.GA_redhat_00011.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xom@1.3.7-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.25-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.25-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.25-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.25-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.25-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.11-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.11-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-objectweb-asm@9.1.0-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-component-annotations@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.10-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ecj@3.26.0-1.redhat_00002.1.el8eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl@2.2.0-3.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-java@2.2.0-3.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-15.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-15.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-15.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.4-3.GA_redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.4-3.GA_redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.4-3.GA_redhat_00011.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"product": {
"name": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"product_id": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-el8-x86_64@2.2.0-2.Final_redhat_00002.1.el8eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"product": {
"name": "eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"product_id": "eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-el8-x86_64-debuginfo@2.2.0-2.Final_redhat_00002.1.el8eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64"
},
"product_reference": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64"
},
"product_reference": "eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4104",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031667"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker\u0027s JNDI LDAP endpoint.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Based on the conditions to be exploitable (see details below), the risk is much lower than Log4j 2.x and Red Hat has assessed this to be Moderate severity. This flaw has been filed for Log4j 1.x, and the corresponding flaw information for Log4j 2.x is available at: https://access.redhat.com/security/cve/CVE-2021-44228\n\nNote this flaw ONLY affects applications which are specifically configured to use JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender to the attacker\u0027s JNDI LDAP endpoint. \n\nIf the Log4j configuration is set TopicBindingName or TopicConnectionFactoryBindingName configurations allowing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228 Log4j 2.x, Log4j 1.x is vulnerable. However, the attack vector is reduced as it depends on having write access, which is not a standard configuration rather than untrusted user input. These are sufficient factors beyond the attacker\u0027s control.\n\nThe tomcat package shipped with Red Hat Enterprise Linux does not include log4j but it does include a default configuration for log4j, log4j.properties, which could be used with tomcat if users choose to install and configure the library. The JMSAppender is not enabled by default, and the permissions of the file can only be modified as root.\n\nRed Hat Virtualization ships log4j12-1.2.17, but it is used and configured in a way which makes this flaw not possible to exploit. Therefore impact is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4104"
},
{
"category": "external",
"summary": "RHBZ#2031667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667"
},
{
"category": "external",
"summary": "RHSB-2021-009",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126",
"url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301",
"url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx",
"url": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/13/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/13/1"
}
],
"release_date": "2021-12-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:18+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSAppender in the Log4j configuration if it is used\n- Remove the JMSAppender class from the classpath. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSAppender.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:18+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:18+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:18+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
},
{
"cve": "CVE-2022-23302",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSSink in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if JMSSink is deployed and has been configured to perform JNDI requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this flaw ONLY affects applications which are specifically configured to use JMSSink, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSSink to the attacker\u0027s JNDI LDAP endpoint.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JMSSink is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23302"
},
{
"category": "external",
"summary": "RHBZ#2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/3",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/3"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:18+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSSink in the Log4j configuration if it is used\n- Remove the JMSSink class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSSink.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink"
},
{
"cve": "CVE-2022-23305",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain interpolation tokens.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JDBCAppender is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23305"
},
{
"category": "external",
"summary": "RHBZ#2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/4",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/4"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:18+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JDBCAppender in the Log4j configuration if it is used\n- Remove the JDBCAppender class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/jdbc/JDBCAppender.class\n```",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender"
},
{
"cve": "CVE-2022-23307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041967"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Unsafe deserialization flaw in Chainsaw log viewer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Chainsaw is a standalone graphical user interface for viewing log entries in log4j. This flaw may be bypassed by using other available means to access log entries.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization ships a vulnerable version of the log4j package, however chainsaw is not part of typical use cases. An attacker looking to exploit this would need to not only be able to generate a malicious log entry, but also have the necessary access and permissions to start chainsaw on the engine node. Therefore the impact of this vulnerability for Red Hat Virtualization is rated Low.\n\nSimilar to Red Hat Virtualization in OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of log4j package, however vulnerable chainsaw component is not used by default. Therefore the impact to OCP is reduced to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23307"
},
{
"category": "external",
"summary": "RHBZ#2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/5",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/5"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:18+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "workaround",
"details": "These are the mitigations available for this flaw for log4j 1.x:\n- Avoid using Chainsaw to view logs, and instead use some other utility, especially if there is a log view available within the product itself.\n- Remove the Chainsaw classes from the log4j jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/chainsaw/*\n```\n(log4j jars may be nested in zip archives within product)",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Unsafe deserialization flaw in Chainsaw log viewer"
}
]
}
RHSA-2022_0222
Vulnerability from csaf_redhat - Published: 2022-01-20 18:54 - Updated: 2024-11-24 21:29Summary
Red Hat Security Advisory: Red Hat Integration Camel Extensions for Quarkus 2.2 security update
Notes
Topic
A security update to Red Hat Integration Camel Extensions for Quarkus 2.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed.
Red Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This update of Red Hat Integration - Camel Extensions for Quarkus serves as a replacement for 2.2 GA and includes the following security Fix(es):
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update to Red Hat Integration Camel Extensions for Quarkus 2.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed.\n\nRed Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This update of Red Hat Integration - Camel Extensions for Quarkus serves as a replacement for 2.2 GA and includes the following security Fix(es):\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0222",
"url": "https://access.redhat.com/errata/RHSA-2022:0222"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2022-Q1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2022-Q1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_integration/2022.q1",
"url": "https://access.redhat.com/documentation/en-us/red_hat_integration/2022.q1"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0222.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Integration Camel Extensions for Quarkus 2.2 security update",
"tracking": {
"current_release_date": "2024-11-24T21:29:49+00:00",
"generator": {
"date": "2024-11-24T21:29:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0222",
"initial_release_date": "2022-01-20T18:54:26+00:00",
"revision_history": [
{
"date": "2022-01-20T18:54:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T18:54:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T21:29:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Integration Camel Extensions for Quarkus 2.2",
"product": {
"name": "Red Hat Integration Camel Extensions for Quarkus 2.2",
"product_id": "Red Hat Integration Camel Extensions for Quarkus 2.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:camel_quarkus:2.2"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:54:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0222"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:54:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0222"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:54:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0222"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022:1299
Vulnerability from csaf_redhat - Published: 2022-04-11 13:00 - Updated: 2025-11-21 18:29Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.4 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)
* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:1299",
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "2031667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "external",
"summary": "JBEAP-22105",
"url": "https://issues.redhat.com/browse/JBEAP-22105"
},
{
"category": "external",
"summary": "JBEAP-22385",
"url": "https://issues.redhat.com/browse/JBEAP-22385"
},
{
"category": "external",
"summary": "JBEAP-22731",
"url": "https://issues.redhat.com/browse/JBEAP-22731"
},
{
"category": "external",
"summary": "JBEAP-22738",
"url": "https://issues.redhat.com/browse/JBEAP-22738"
},
{
"category": "external",
"summary": "JBEAP-22819",
"url": "https://issues.redhat.com/browse/JBEAP-22819"
},
{
"category": "external",
"summary": "JBEAP-22839",
"url": "https://issues.redhat.com/browse/JBEAP-22839"
},
{
"category": "external",
"summary": "JBEAP-22864",
"url": "https://issues.redhat.com/browse/JBEAP-22864"
},
{
"category": "external",
"summary": "JBEAP-22904",
"url": "https://issues.redhat.com/browse/JBEAP-22904"
},
{
"category": "external",
"summary": "JBEAP-22911",
"url": "https://issues.redhat.com/browse/JBEAP-22911"
},
{
"category": "external",
"summary": "JBEAP-22912",
"url": "https://issues.redhat.com/browse/JBEAP-22912"
},
{
"category": "external",
"summary": "JBEAP-22913",
"url": "https://issues.redhat.com/browse/JBEAP-22913"
},
{
"category": "external",
"summary": "JBEAP-22935",
"url": "https://issues.redhat.com/browse/JBEAP-22935"
},
{
"category": "external",
"summary": "JBEAP-22945",
"url": "https://issues.redhat.com/browse/JBEAP-22945"
},
{
"category": "external",
"summary": "JBEAP-22973",
"url": "https://issues.redhat.com/browse/JBEAP-22973"
},
{
"category": "external",
"summary": "JBEAP-23038",
"url": "https://issues.redhat.com/browse/JBEAP-23038"
},
{
"category": "external",
"summary": "JBEAP-23040",
"url": "https://issues.redhat.com/browse/JBEAP-23040"
},
{
"category": "external",
"summary": "JBEAP-23045",
"url": "https://issues.redhat.com/browse/JBEAP-23045"
},
{
"category": "external",
"summary": "JBEAP-23101",
"url": "https://issues.redhat.com/browse/JBEAP-23101"
},
{
"category": "external",
"summary": "JBEAP-23105",
"url": "https://issues.redhat.com/browse/JBEAP-23105"
},
{
"category": "external",
"summary": "JBEAP-23143",
"url": "https://issues.redhat.com/browse/JBEAP-23143"
},
{
"category": "external",
"summary": "JBEAP-23177",
"url": "https://issues.redhat.com/browse/JBEAP-23177"
},
{
"category": "external",
"summary": "JBEAP-23323",
"url": "https://issues.redhat.com/browse/JBEAP-23323"
},
{
"category": "external",
"summary": "JBEAP-23373",
"url": "https://issues.redhat.com/browse/JBEAP-23373"
},
{
"category": "external",
"summary": "JBEAP-23374",
"url": "https://issues.redhat.com/browse/JBEAP-23374"
},
{
"category": "external",
"summary": "JBEAP-23375",
"url": "https://issues.redhat.com/browse/JBEAP-23375"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1299.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.4 security update",
"tracking": {
"current_release_date": "2025-11-21T18:29:50+00:00",
"generator": {
"date": "2025-11-21T18:29:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:1299",
"initial_release_date": "2022-04-11T13:00:49+00:00",
"revision_history": [
{
"date": "2022-04-11T13:00:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-23T23:09:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:29:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "Red Hat JBoss Enterprise Application Platform 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4104",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031667"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker\u0027s JNDI LDAP endpoint.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Based on the conditions to be exploitable (see details below), the risk is much lower than Log4j 2.x and Red Hat has assessed this to be Moderate severity. This flaw has been filed for Log4j 1.x, and the corresponding flaw information for Log4j 2.x is available at: https://access.redhat.com/security/cve/CVE-2021-44228\n\nNote this flaw ONLY affects applications which are specifically configured to use JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender to the attacker\u0027s JNDI LDAP endpoint. \n\nIf the Log4j configuration is set TopicBindingName or TopicConnectionFactoryBindingName configurations allowing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228 Log4j 2.x, Log4j 1.x is vulnerable. However, the attack vector is reduced as it depends on having write access, which is not a standard configuration rather than untrusted user input. These are sufficient factors beyond the attacker\u0027s control.\n\nThe tomcat package shipped with Red Hat Enterprise Linux does not include log4j but it does include a default configuration for log4j, log4j.properties, which could be used with tomcat if users choose to install and configure the library. The JMSAppender is not enabled by default, and the permissions of the file can only be modified as root.\n\nRed Hat Virtualization ships log4j12-1.2.17, but it is used and configured in a way which makes this flaw not possible to exploit. Therefore impact is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4104"
},
{
"category": "external",
"summary": "RHBZ#2031667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667"
},
{
"category": "external",
"summary": "RHSB-2021-009",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126",
"url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301",
"url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx",
"url": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/13/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/13/1"
}
],
"release_date": "2021-12-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSAppender in the Log4j configuration if it is used\n- Remove the JMSAppender class from the classpath. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSAppender.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
},
{
"cve": "CVE-2022-23302",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSSink in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if JMSSink is deployed and has been configured to perform JNDI requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this flaw ONLY affects applications which are specifically configured to use JMSSink, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSSink to the attacker\u0027s JNDI LDAP endpoint.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JMSSink is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23302"
},
{
"category": "external",
"summary": "RHBZ#2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/3",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/3"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSSink in the Log4j configuration if it is used\n- Remove the JMSSink class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSSink.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink"
},
{
"cve": "CVE-2022-23305",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain interpolation tokens.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JDBCAppender is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23305"
},
{
"category": "external",
"summary": "RHBZ#2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/4",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/4"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JDBCAppender in the Log4j configuration if it is used\n- Remove the JDBCAppender class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/jdbc/JDBCAppender.class\n```",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender"
},
{
"cve": "CVE-2022-23307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041967"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Unsafe deserialization flaw in Chainsaw log viewer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Chainsaw is a standalone graphical user interface for viewing log entries in log4j. This flaw may be bypassed by using other available means to access log entries.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization ships a vulnerable version of the log4j package, however chainsaw is not part of typical use cases. An attacker looking to exploit this would need to not only be able to generate a malicious log entry, but also have the necessary access and permissions to start chainsaw on the engine node. Therefore the impact of this vulnerability for Red Hat Virtualization is rated Low.\n\nSimilar to Red Hat Virtualization in OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of log4j package, however vulnerable chainsaw component is not used by default. Therefore the impact to OCP is reduced to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23307"
},
{
"category": "external",
"summary": "RHBZ#2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/5",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/5"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "workaround",
"details": "These are the mitigations available for this flaw for log4j 1.x:\n- Avoid using Chainsaw to view logs, and instead use some other utility, especially if there is a log view available within the product itself.\n- Remove the Chainsaw classes from the log4j jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/chainsaw/*\n```\n(log4j jars may be nested in zip archives within product)",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Unsafe deserialization flaw in Chainsaw log viewer"
}
]
}
RHSA-2022_0227
Vulnerability from csaf_redhat - Published: 2022-01-20 21:40 - Updated: 2024-11-24 21:30Summary
Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.3.3)
Notes
Topic
An update is now available for OpenShift Logging (5.3.3)
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Openshift Logging Bug Fix Release (5.3.3)
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for OpenShift Logging (5.3.3)\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Openshift Logging Bug Fix Release (5.3.3)\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0227",
"url": "https://access.redhat.com/errata/RHSA-2022:0227"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1940613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0227.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.3.3)",
"tracking": {
"current_release_date": "2024-11-24T21:30:11+00:00",
"generator": {
"date": "2024-11-24T21:30:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0227",
"initial_release_date": "2022-01-20T21:40:25+00:00",
"revision_history": [
{
"date": "2022-01-20T21:40:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T21:40:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T21:30:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Logging 5.3",
"product": {
"name": "OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.3-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.3.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.3-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.3.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-103"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-70"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-72"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-99"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-98"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-103"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-109"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.3-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.3-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-103"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-70"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-72"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-99"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-98"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-103"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-109"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.3-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.3-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-103"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-70"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-72"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-99"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-98"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-103"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-109"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-27292",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-03-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1940613"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `ua-parser-js`. If a supplied user agent matches the `Noble` string and contains many spaces then the regex will conduct backtracking, taking an ever increasing amount of time depending on the number of spaces supplied. An attacker can use this vulnerability to potentially craft a malicious user agent resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While some components do package a vulnerable version of ua-parser-js, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM) \n - Red Hat OpenShift Jaeger (RHOSJ)\n - Red Hat OpenShift Logging\n\nThe OCP presto-container does ship the vulnerable component, however since OCP 4.6 the Metering product has been deprecated [1], set as wont-fix and may be fixed in a future release.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships graphql-tools that pulls 0.7.23 version of ua-parser-js that uses the affected code.\n\n[1] - https://access.redhat.com/solutions/5707561",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-27292"
},
{
"category": "external",
"summary": "RHBZ#1940613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-27292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27292"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292"
},
{
"category": "external",
"summary": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76",
"url": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76"
}
],
"release_date": "2021-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T21:40:25+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0227"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T21:40:25+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0227"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022:0205
Vulnerability from csaf_redhat - Published: 2022-01-20 11:39 - Updated: 2025-11-21 18:28Summary
Red Hat Security Advisory: Red Hat Data Grid 8.2.3 security update
Notes
Topic
An update for Red Hat Data Grid is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.
Data Grid 8.2.3 replaces Data Grid 8.2.2 and includes bug fixes and enhancements. Find out more about Data Grid 8.2.3 in the Release Notes [3].
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Data Grid is now available.\n \nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.\n \nData Grid 8.2.3 replaces Data Grid 8.2.2 and includes bug fixes and enhancements. Find out more about Data Grid 8.2.3 in the Release Notes [3].\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0205",
"url": "https://access.redhat.com/errata/RHSA-2022:0205"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=data.grid\u0026version=8.2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=data.grid\u0026version=8.2"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.2/html-single/red_hat_data_grid_8.2_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.2/html-single/red_hat_data_grid_8.2_release_notes/index"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0205.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Data Grid 8.2.3 security update",
"tracking": {
"current_release_date": "2025-11-21T18:28:01+00:00",
"generator": {
"date": "2025-11-21T18:28:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0205",
"initial_release_date": "2022-01-20T11:39:58+00:00",
"revision_history": [
{
"date": "2022-01-20T11:39:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T11:39:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:28:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Data Grid 8.2.3",
"product": {
"name": "Red Hat Data Grid 8.2.3",
"product_id": "Red Hat Data Grid 8.2.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_data_grid:8.2"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Data Grid"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.2.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T11:39:58+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.2.3 server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.2.3 server patch. Refer to the 8.2.3 Release Notes[\u00b3] for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid 8.2.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0205"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat Data Grid 8.2.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.2.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.2.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T11:39:58+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.2.3 server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.2.3 server patch. Refer to the 8.2.3 Release Notes[\u00b3] for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid 8.2.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0205"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat Data Grid 8.2.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.2.3"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.2.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T11:39:58+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.2.3 server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.2.3 server patch. Refer to the 8.2.3 Release Notes[\u00b3] for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid 8.2.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0205"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Red Hat Data Grid 8.2.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.2.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022:0225
Vulnerability from csaf_redhat - Published: 2022-01-20 21:09 - Updated: 2025-11-21 18:28Summary
Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.0.12)
Notes
Topic
An update is now available for OpenShift Logging (5.0.12)
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Openshift Logging Bug Fix Release (5.0.12)
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for OpenShift Logging (5.0.12)\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Openshift Logging Bug Fix Release (5.0.12)\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0225",
"url": "https://access.redhat.com/errata/RHSA-2022:0225"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "LOG-2089",
"url": "https://issues.redhat.com/browse/LOG-2089"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0225.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.0.12)",
"tracking": {
"current_release_date": "2025-11-21T18:28:02+00:00",
"generator": {
"date": "2025-11-21T18:28:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0225",
"initial_release_date": "2022-01-20T21:09:05+00:00",
"revision_history": [
{
"date": "2022-01-20T21:09:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T21:09:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:28:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Logging 5.0",
"product": {
"name": "OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.12-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.12-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.12-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T21:09:05+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0225"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022_0485
Vulnerability from csaf_redhat - Published: 2022-02-16 15:04 - Updated: 2024-11-24 21:29Summary
Red Hat Security Advisory: OpenShift Container Platform 4.8.31 security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.8.31 is now available with
updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.8.31. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHBA-2022:0484
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
All OpenShift Container Platform 4.8 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.8.31 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.8.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.8.31. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHBA-2022:0484\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nAll OpenShift Container Platform 4.8 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0485",
"url": "https://access.redhat.com/errata/RHSA-2022:0485"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0485.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.8.31 security update",
"tracking": {
"current_release_date": "2024-11-24T21:29:52+00:00",
"generator": {
"date": "2024-11-24T21:29:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0485",
"initial_release_date": "2022-02-16T15:04:02+00:00",
"revision_history": [
{
"date": "2022-02-16T15:04:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-16T15:04:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T21:29:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.8",
"product": {
"name": "Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64",
"product": {
"name": "openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64",
"product_id": "openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.8.0-202201261123.p0.g37691a4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.8.0-202201261123.p0.g8e44437.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.8.0-202201261123.p0.gb9eec62.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64",
"product": {
"name": "openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64",
"product_id": "openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ghostunnel\u0026tag=v4.8.0-202201261123.p0.g3f61070.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64",
"product": {
"name": "openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64",
"product_id": "openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hadoop\u0026tag=v4.8.0-202201271626.p0.gebd9cb4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"product": {
"name": "openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"product_id": "openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hive\u0026tag=v4.8.0-202201271626.p0.g8fb24af.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.8.0-202201261123.p0.g9edcb7c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.8.0-202202070834.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64",
"product_id": "openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.8.0-202202070834.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.8.0-202201261123.p0.ga829a11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64",
"product_id": "openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.8.0-202201261123.p0.ga531700.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64",
"product_id": "openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64",
"product_id": "openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.8.0-202201261123.p0.g44c178f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64",
"product": {
"name": "openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64",
"product_id": "openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64",
"product": {
"name": "openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64",
"product_id": "openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64",
"product": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64",
"product_id": "openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-operator-sdk-rhel8\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.8.0-202201261123.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64",
"product": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64",
"product_id": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8\u0026tag=v4.8.0-202201261123.p0.g458be7e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.8.0-202201261123.p0.g1af4c42.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.g1af4c42.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.8.0-202201261123.p0.g2a9f548.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.gfcdcef8.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64",
"product_id": "openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64",
"product": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64",
"product_id": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/kubernetes-nmstate-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.g458be7e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64",
"product": {
"name": "openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64",
"product_id": "openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.8.0-202201261123.p0.g2ae5850.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64",
"product": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64",
"product_id": "openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-mustgather-rhel8\u0026tag=v4.8.0-202202071729.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64",
"product": {
"name": "openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64",
"product_id": "openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator\u0026tag=v4.8.0-202202071729.p0.g0d7ecfb.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.8.0-202201261123.p0.g8aaede2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64",
"product": {
"name": "openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64",
"product_id": "openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-reporting-operator\u0026tag=v4.8.0-202201261123.p0.g0d7ecfb.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64",
"product_id": "openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.8.0-202201261123.p0.gd71faa4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.8.0-202201261123.p0.g7bbde4c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.gef8ad45.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64",
"product": {
"name": "openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64",
"product_id": "openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-presto\u0026tag=v4.8.0-202201271626.p0.gf1abc62.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64",
"product": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64",
"product_id": "openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ptp-must-gather-rhel8\u0026tag=v4.8.0-202201261123.p0.gd71faa4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64",
"product_id": "openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.8.0-202201261123.p0.gcc1edca.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.8.0-202201261123.p0.gd34636e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.8.0-202201261123.p0.g83bc63d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64",
"product_id": "openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le",
"product": {
"name": "openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le",
"product_id": "openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.8.0-202201261123.p0.g37691a4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.8.0-202201261123.p0.g8e44437.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.8.0-202201261123.p0.gb9eec62.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.8.0-202201261123.p0.g9edcb7c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.8.0-202202070834.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le",
"product_id": "openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.8.0-202202070834.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.8.0-202201261123.p0.ga829a11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le",
"product_id": "openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.8.0-202201261123.p0.ga531700.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le",
"product_id": "openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le",
"product_id": "openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.8.0-202201261123.p0.g44c178f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le",
"product": {
"name": "openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le",
"product_id": "openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le",
"product": {
"name": "openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le",
"product_id": "openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le",
"product": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le",
"product_id": "openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-operator-sdk-rhel8\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.8.0-202201261123.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le",
"product": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le",
"product_id": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8\u0026tag=v4.8.0-202201261123.p0.g458be7e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.8.0-202201261123.p0.g1af4c42.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.g1af4c42.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.8.0-202201261123.p0.g2a9f548.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.gfcdcef8.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le",
"product_id": "openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le",
"product": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le",
"product_id": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/kubernetes-nmstate-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.g458be7e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le",
"product": {
"name": "openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le",
"product_id": "openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.8.0-202201261123.p0.g2ae5850.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le",
"product_id": "openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-mustgather-rhel8\u0026tag=v4.8.0-202202071729.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.8.0-202201261123.p0.g8aaede2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le",
"product_id": "openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.8.0-202201261123.p0.gd71faa4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.8.0-202201261123.p0.g7bbde4c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.gef8ad45.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le",
"product": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le",
"product_id": "openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ptp-must-gather-rhel8\u0026tag=v4.8.0-202201261123.p0.gd71faa4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le",
"product_id": "openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.8.0-202201261123.p0.gcc1edca.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.8.0-202201261123.p0.gd34636e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.8.0-202201261123.p0.g83bc63d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le",
"product_id": "openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x",
"product": {
"name": "openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x",
"product_id": "openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.8.0-202201261123.p0.g37691a4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.8.0-202201261123.p0.g8e44437.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.8.0-202201261123.p0.gb9eec62.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.8.0-202201261123.p0.g9edcb7c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.8.0-202202070834.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x",
"product_id": "openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.8.0-202202070834.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.8.0-202201261123.p0.ga829a11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x",
"product_id": "openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.8.0-202201261123.p0.ga531700.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x",
"product_id": "openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x",
"product_id": "openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.8.0-202201261123.p0.g44c178f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x",
"product": {
"name": "openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x",
"product_id": "openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x",
"product": {
"name": "openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x",
"product_id": "openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x",
"product": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x",
"product_id": "openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-operator-sdk-rhel8\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.8.0-202201261123.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x",
"product": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x",
"product_id": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8\u0026tag=v4.8.0-202201261123.p0.g458be7e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.8.0-202201261123.p0.g1af4c42.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.g1af4c42.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.8.0-202201261123.p0.g2a9f548.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.gfcdcef8.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x",
"product_id": "openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x",
"product": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x",
"product_id": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/kubernetes-nmstate-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.g458be7e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x",
"product": {
"name": "openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x",
"product_id": "openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.8.0-202201261123.p0.g2ae5850.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x",
"product": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x",
"product_id": "openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-mustgather-rhel8\u0026tag=v4.8.0-202202071729.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.8.0-202201261123.p0.g8aaede2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x",
"product_id": "openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.8.0-202201261123.p0.gd71faa4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.8.0-202201261123.p0.g7bbde4c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.gef8ad45.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x",
"product": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x",
"product_id": "openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ptp-must-gather-rhel8\u0026tag=v4.8.0-202201261123.p0.gd71faa4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x",
"product_id": "openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.8.0-202201261123.p0.gcc1edca.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.8.0-202201261123.p0.gd34636e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.8.0-202201261123.p0.g83bc63d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x",
"product_id": "openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le"
},
"product_reference": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x"
},
"product_reference": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64"
},
"product_reference": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x"
},
"product_reference": "openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le"
},
"product_reference": "openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64"
},
"product_reference": "openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le"
},
"product_reference": "openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64"
},
"product_reference": "openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x"
},
"product_reference": "openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64"
},
"product_reference": "openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le"
},
"product_reference": "openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x"
},
"product_reference": "openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64"
},
"product_reference": "openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64"
},
"product_reference": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x"
},
"product_reference": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le"
},
"product_reference": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64"
},
"product_reference": "openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x"
},
"product_reference": "openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64"
},
"product_reference": "openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64"
},
"product_reference": "openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64"
},
"product_reference": "openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64"
},
"product_reference": "openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64"
},
"product_reference": "openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le"
},
"product_reference": "openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x"
},
"product_reference": "openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64"
},
"product_reference": "openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64"
},
"product_reference": "openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x"
},
"product_reference": "openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le"
},
"product_reference": "openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x"
},
"product_reference": "openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64"
},
"product_reference": "openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le"
},
"product_reference": "openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le",
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x",
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64"
],
"known_not_affected": [
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le",
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x",
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-16T15:04:02+00:00",
"details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0485"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le",
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x",
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022:0181
Vulnerability from csaf_redhat - Published: 2022-01-27 08:24 - Updated: 2025-11-21 18:27Summary
Red Hat Security Advisory: OpenShift Container Platform 4.6.54 extras and security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.6.54 is now available with updates to packages and images that fix several bugs.
This release includes a security update for Red Hat OpenShift Container Platform 4.6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.54. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHBA-2022:0180
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.6.54 is now available with updates to packages and images that fix several bugs.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.54. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHBA-2022:0180\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0181",
"url": "https://access.redhat.com/errata/RHSA-2022:0181"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1985826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985826"
},
{
"category": "external",
"summary": "2034412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034412"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0181.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.6.54 extras and security update",
"tracking": {
"current_release_date": "2025-11-21T18:27:57+00:00",
"generator": {
"date": "2025-11-21T18:27:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0181",
"initial_release_date": "2022-01-27T08:24:22+00:00",
"revision_history": [
{
"date": "2022-01-27T08:24:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-27T08:24:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:27:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.6",
"product": {
"name": "Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"product": {
"name": "openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"product_id": "openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202201111633.p0.g4c0ed6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.6.0-202201111633.p0.gb392f6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"product": {
"name": "openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"product_id": "openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-logging-operator\u0026tag=v4.6.0-202201181437.p0.g7f7eccc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.6.0-202201111633.p0.g791e21e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"product": {
"name": "openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"product_id": "openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202201181437.p0.gd421c69.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.6.0-202201111633.p0.g8082d6e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"product_id": "openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202201111633.p0.g9ee7458.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"product": {
"name": "openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"product_id": "openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-curator5\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"product": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"product_id": "openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"product": {
"name": "openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"product_id": "openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-eventrouter\u0026tag=v4.6.0-202201111633.p0.g131cfe6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"product": {
"name": "openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"product_id": "openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-fluentd\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"product": {
"name": "openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"product_id": "openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"product_id": "openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.6.0-202201111633.p0.ge75e467.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"product_id": "openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202201111855.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"product_id": "openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202201111633.p0.g44065a4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.6.0-202201120855.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"product": {
"name": "openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"product_id": "openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"product": {
"name": "openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"product_id": "openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.6.0-202201111633.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.6.0-202201111633.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.6.0-202201111633.p0.gfabfa8b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.6.0-202201111633.p0.g9c75ad0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"product_id": "openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"product": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"product_id": "openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-proxy\u0026tag=v4.6.0-202201111633.p0.g12d80b2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.6.0-202201111855.p0.g3c3794f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"product": {
"name": "openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"product_id": "openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202201111633.p0.g8f5a67a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.6.0-202201111633.p0.gcc06fc6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"product_id": "openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202201111855.p0.g97081b3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.6.0-202201111855.p0.ga19224c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gddfb5bf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"product_id": "openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.6.0-202201111633.p0.gd209fd9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202201111633.p0.g907f1f6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202201111633.p0.g62be5ad.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"product_id": "openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"product": {
"name": "openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"product_id": "openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202201111633.p0.g4c0ed6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.6.0-202201111633.p0.gb392f6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"product": {
"name": "openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"product_id": "openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-logging-operator\u0026tag=v4.6.0-202201181437.p0.g7f7eccc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.6.0-202201111633.p0.g791e21e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"product": {
"name": "openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"product_id": "openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202201181437.p0.gd421c69.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"product": {
"name": "openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"product_id": "openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ghostunnel\u0026tag=v4.6.0-202201111633.p0.gd5ea7b7.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"product": {
"name": "openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"product_id": "openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hadoop\u0026tag=v4.6.0-202201111633.p0.gf381145.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"product": {
"name": "openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"product_id": "openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hive\u0026tag=v4.6.0-202201111633.p0.gf139e12.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.6.0-202201111633.p0.g8082d6e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"product_id": "openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202201111633.p0.g9ee7458.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"product": {
"name": "openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"product_id": "openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-curator5\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"product": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"product_id": "openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"product": {
"name": "openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"product_id": "openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-eventrouter\u0026tag=v4.6.0-202201111633.p0.g131cfe6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"product": {
"name": "openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"product_id": "openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-fluentd\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"product": {
"name": "openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"product_id": "openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"product_id": "openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.6.0-202201111633.p0.ge75e467.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"product_id": "openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202201111855.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"product_id": "openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202201111633.p0.g44065a4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.6.0-202201120855.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"product": {
"name": "openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"product_id": "openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"product": {
"name": "openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"product_id": "openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.6.0-202201111633.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.6.0-202201111633.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.6.0-202201111633.p0.gfabfa8b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.6.0-202201111633.p0.g9c75ad0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"product_id": "openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"product": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"product_id": "openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-proxy\u0026tag=v4.6.0-202201111633.p0.g12d80b2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.6.0-202201111855.p0.g3c3794f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"product": {
"name": "openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"product_id": "openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202201111633.p0.g8f5a67a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"product": {
"name": "openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"product_id": "openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator\u0026tag=v4.6.0-202201111855.p0.gd74112d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.6.0-202201111633.p0.gcc06fc6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"product": {
"name": "openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"product_id": "openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-reporting-operator\u0026tag=v4.6.0-202201111633.p0.gd74112d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"product_id": "openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202201111855.p0.g97081b3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.6.0-202201111855.p0.ga19224c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gddfb5bf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"product": {
"name": "openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"product_id": "openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-presto\u0026tag=v4.6.0-202201111633.p0.g190688a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"product_id": "openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.6.0-202201111633.p0.gd209fd9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202201111633.p0.g907f1f6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202201111633.p0.g62be5ad.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"product_id": "openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"product": {
"name": "openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"product_id": "openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202201111633.p0.g4c0ed6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.6.0-202201111633.p0.gb392f6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"product": {
"name": "openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"product_id": "openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-logging-operator\u0026tag=v4.6.0-202201181437.p0.g7f7eccc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.6.0-202201111633.p0.g791e21e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"product": {
"name": "openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"product_id": "openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202201181437.p0.gd421c69.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.6.0-202201111633.p0.g8082d6e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"product_id": "openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202201111633.p0.g9ee7458.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"product": {
"name": "openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"product_id": "openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-curator5\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"product": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"product_id": "openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"product": {
"name": "openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"product_id": "openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-eventrouter\u0026tag=v4.6.0-202201111633.p0.g131cfe6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"product": {
"name": "openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"product_id": "openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-fluentd\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"product": {
"name": "openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"product_id": "openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"product_id": "openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.6.0-202201111633.p0.ge75e467.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"product_id": "openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202201111855.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"product_id": "openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202201111633.p0.g44065a4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.6.0-202201120855.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"product": {
"name": "openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"product_id": "openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"product": {
"name": "openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"product_id": "openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.6.0-202201111633.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.6.0-202201111633.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.6.0-202201111633.p0.gfabfa8b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.6.0-202201111633.p0.g9c75ad0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"product_id": "openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"product": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"product_id": "openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-proxy\u0026tag=v4.6.0-202201111633.p0.g12d80b2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.6.0-202201111855.p0.g3c3794f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"product": {
"name": "openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"product_id": "openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202201111633.p0.g8f5a67a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.6.0-202201111633.p0.gcc06fc6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"product_id": "openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202201111855.p0.g97081b3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.6.0-202201111855.p0.ga19224c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gddfb5bf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"product_id": "openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.6.0-202201111633.p0.gd209fd9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202201111633.p0.g907f1f6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202201111633.p0.g62be5ad.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"product_id": "openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64"
},
"product_reference": "openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le"
},
"product_reference": "openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x"
},
"product_reference": "openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64"
},
"product_reference": "openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x"
},
"product_reference": "openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le"
},
"product_reference": "openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x"
},
"product_reference": "openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64"
},
"product_reference": "openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le"
},
"product_reference": "openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x"
},
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64"
},
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le"
},
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x"
},
"product_reference": "openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64"
},
"product_reference": "openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le"
},
"product_reference": "openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64"
},
"product_reference": "openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64"
},
"product_reference": "openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x"
},
"product_reference": "openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le"
},
"product_reference": "openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x"
},
"product_reference": "openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64"
},
"product_reference": "openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le"
},
"product_reference": "openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64"
},
"product_reference": "openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x"
},
"product_reference": "openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le"
},
"product_reference": "openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le"
},
"product_reference": "openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x"
},
"product_reference": "openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64"
},
"product_reference": "openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x"
},
"product_reference": "openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le"
},
"product_reference": "openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64"
},
"product_reference": "openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x"
},
"product_reference": "openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64"
},
"product_reference": "openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le"
},
"product_reference": "openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64"
},
"product_reference": "openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64"
},
"product_reference": "openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64"
},
"product_reference": "openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64"
},
"product_reference": "openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64"
},
"product_reference": "openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le"
},
"product_reference": "openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x"
},
"product_reference": "openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64"
},
"product_reference": "openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-27T08:24:22+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0181"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022:0083
Vulnerability from csaf_redhat - Published: 2022-01-20 12:12 - Updated: 2025-11-21 18:27Summary
Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.1.8 security update
Notes
Topic
An update is now available for Red Hat build of Eclipse Vert.x.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.
Details
This release of Red Hat build of Eclipse Vert.x 4.1.8 GA includes security updates. For more information, see the release notes listed in the References section.
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Eclipse Vert.x.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Eclipse Vert.x 4.1.8 GA includes security updates. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0083",
"url": "https://access.redhat.com/errata/RHSA-2022:0083"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.1.8",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.1.8"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.1/html/release_notes_for_eclipse_vert.x_4.1/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.1/html/release_notes_for_eclipse_vert.x_4.1/index"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0083.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.1.8 security update",
"tracking": {
"current_release_date": "2025-11-21T18:27:46+00:00",
"generator": {
"date": "2025-11-21T18:27:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0083",
"initial_release_date": "2022-01-20T12:12:50+00:00",
"revision_history": [
{
"date": "2022-01-20T12:12:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T12:12:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:27:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Vert.x 4.1.8",
"product": {
"name": "Vert.x 4.1.8",
"product_id": "Vert.x 4.1.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Application Runtimes"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Vert.x 4.1.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T12:12:50+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Vert.x 4.1.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0083"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Vert.x 4.1.8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Vert.x 4.1.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Vert.x 4.1.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T12:12:50+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Vert.x 4.1.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0083"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Vert.x 4.1.8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Vert.x 4.1.8"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Vert.x 4.1.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T12:12:50+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Vert.x 4.1.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0083"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Vert.x 4.1.8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Vert.x 4.1.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022_0203
Vulnerability from csaf_redhat - Published: 2022-01-20 09:26 - Updated: 2024-12-18 00:01Summary
Red Hat Security Advisory: Red Hat Fuse 7.8-7.10 security update
Notes
Topic
A micro version update for Fuse 7.8, 7.9, and 7.10 is now available for Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The releases of Red Hat Fuse 7.8.2, 7.9.1 and 7.10.1 serve as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot and includes security fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A micro version update for Fuse 7.8, 7.9, and 7.10 is now available for Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The releases of Red Hat Fuse 7.8.2, 7.9.1 and 7.10.1 serve as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot and includes security fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0203",
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.08.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.08.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.09.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.09.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.10.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.10.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
},
{
"category": "external",
"summary": "2030932",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0203.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Fuse 7.8-7.10 security update",
"tracking": {
"current_release_date": "2024-12-18T00:01:50+00:00",
"generator": {
"date": "2024-12-18T00:01:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:0203",
"initial_release_date": "2022-01-20T09:26:34+00:00",
"revision_history": [
{
"date": "2022-01-20T09:26:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T09:26:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T00:01:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1",
"product": {
"name": "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1",
"product_id": "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_fuse:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Fuse"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44228",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030932"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "RHBZ#2030932",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932"
},
{
"category": "external",
"summary": "RHSB-2021-009",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q",
"url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/",
"url": "https://www.lunasec.io/docs/blog/log4j-zero-day/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-10T02:01:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T09:26:34+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "workaround",
"details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2021-12-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Critical"
}
],
"title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T09:26:34+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T09:26:34+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T09:26:34+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022:0223
Vulnerability from csaf_redhat - Published: 2022-01-20 18:55 - Updated: 2025-11-21 18:28Summary
Red Hat Security Advisory: Red Hat Integration Camel-K 1.6.3 release and security update
Notes
Topic
A minor version update (from 1.6.2 to 1.6.3) is now available for Red Hat Integration Camel K that includes bug fixes. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
A minor version update (from 1.6.2 to 1.6.3) is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A minor version update (from 1.6.2 to 1.6.3) is now available for Red Hat Integration Camel K that includes bug fixes. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A minor version update (from 1.6.2 to 1.6.3) is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0223",
"url": "https://access.redhat.com/errata/RHSA-2022:0223"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2022-Q1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2022-Q1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_integration/2022.q1",
"url": "https://access.redhat.com/documentation/en-us/red_hat_integration/2022.q1"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0223.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Integration Camel-K 1.6.3 release and security update",
"tracking": {
"current_release_date": "2025-11-21T18:28:02+00:00",
"generator": {
"date": "2025-11-21T18:28:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0223",
"initial_release_date": "2022-01-20T18:55:14+00:00",
"revision_history": [
{
"date": "2022-01-20T18:55:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T18:55:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:28:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Integration Camel-K 1.6.3",
"product": {
"name": "Red Hat Integration Camel-K 1.6.3",
"product_id": "Red Hat Integration Camel-K 1.6.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:integration:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel-K 1.6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:55:14+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0223"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel-K 1.6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:55:14+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0223"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel-K 1.6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:55:14+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0223"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022:1296
Vulnerability from csaf_redhat - Published: 2022-04-11 12:59 - Updated: 2025-11-21 18:29Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.4 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)
* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:1296",
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2031667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "external",
"summary": "JBEAP-22105",
"url": "https://issues.redhat.com/browse/JBEAP-22105"
},
{
"category": "external",
"summary": "JBEAP-22385",
"url": "https://issues.redhat.com/browse/JBEAP-22385"
},
{
"category": "external",
"summary": "JBEAP-22731",
"url": "https://issues.redhat.com/browse/JBEAP-22731"
},
{
"category": "external",
"summary": "JBEAP-22738",
"url": "https://issues.redhat.com/browse/JBEAP-22738"
},
{
"category": "external",
"summary": "JBEAP-22819",
"url": "https://issues.redhat.com/browse/JBEAP-22819"
},
{
"category": "external",
"summary": "JBEAP-22839",
"url": "https://issues.redhat.com/browse/JBEAP-22839"
},
{
"category": "external",
"summary": "JBEAP-22864",
"url": "https://issues.redhat.com/browse/JBEAP-22864"
},
{
"category": "external",
"summary": "JBEAP-22899",
"url": "https://issues.redhat.com/browse/JBEAP-22899"
},
{
"category": "external",
"summary": "JBEAP-22904",
"url": "https://issues.redhat.com/browse/JBEAP-22904"
},
{
"category": "external",
"summary": "JBEAP-22911",
"url": "https://issues.redhat.com/browse/JBEAP-22911"
},
{
"category": "external",
"summary": "JBEAP-22912",
"url": "https://issues.redhat.com/browse/JBEAP-22912"
},
{
"category": "external",
"summary": "JBEAP-22913",
"url": "https://issues.redhat.com/browse/JBEAP-22913"
},
{
"category": "external",
"summary": "JBEAP-22935",
"url": "https://issues.redhat.com/browse/JBEAP-22935"
},
{
"category": "external",
"summary": "JBEAP-22945",
"url": "https://issues.redhat.com/browse/JBEAP-22945"
},
{
"category": "external",
"summary": "JBEAP-22973",
"url": "https://issues.redhat.com/browse/JBEAP-22973"
},
{
"category": "external",
"summary": "JBEAP-23038",
"url": "https://issues.redhat.com/browse/JBEAP-23038"
},
{
"category": "external",
"summary": "JBEAP-23040",
"url": "https://issues.redhat.com/browse/JBEAP-23040"
},
{
"category": "external",
"summary": "JBEAP-23045",
"url": "https://issues.redhat.com/browse/JBEAP-23045"
},
{
"category": "external",
"summary": "JBEAP-23101",
"url": "https://issues.redhat.com/browse/JBEAP-23101"
},
{
"category": "external",
"summary": "JBEAP-23105",
"url": "https://issues.redhat.com/browse/JBEAP-23105"
},
{
"category": "external",
"summary": "JBEAP-23143",
"url": "https://issues.redhat.com/browse/JBEAP-23143"
},
{
"category": "external",
"summary": "JBEAP-23177",
"url": "https://issues.redhat.com/browse/JBEAP-23177"
},
{
"category": "external",
"summary": "JBEAP-23323",
"url": "https://issues.redhat.com/browse/JBEAP-23323"
},
{
"category": "external",
"summary": "JBEAP-23373",
"url": "https://issues.redhat.com/browse/JBEAP-23373"
},
{
"category": "external",
"summary": "JBEAP-23374",
"url": "https://issues.redhat.com/browse/JBEAP-23374"
},
{
"category": "external",
"summary": "JBEAP-23375",
"url": "https://issues.redhat.com/browse/JBEAP-23375"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1296.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.4 security update",
"tracking": {
"current_release_date": "2025-11-21T18:29:49+00:00",
"generator": {
"date": "2025-11-21T18:29:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:1296",
"initial_release_date": "2022-04-11T12:59:41+00:00",
"revision_history": [
{
"date": "2022-04-11T12:59:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-04-11T12:59:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:29:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.6-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xom@1.3.7-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.9-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.16-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"product_id": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.25-1.Final_redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.11.4-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-7.redhat_00034.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.11-1.Final_redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.15-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-objectweb-asm@9.1.0-1.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.16-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.10-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ecj@3.26.0-1.redhat_00002.1.el7eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.4-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-el7-x86_64@2.2.0-2.Final_redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl@2.2.0-3.Final_redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-15.Final_redhat_00014.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.4-3.GA_redhat_00011.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.6-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xom@1.3.7-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.25-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.25-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.25-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.25-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.25-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.11-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.11-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-component-annotations@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-objectweb-asm@9.1.0-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.10-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ecj@3.26.0-1.redhat_00002.1.el7eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl@2.2.0-3.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-java@2.2.0-3.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-15.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-15.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-15.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.4-3.GA_redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.4-3.GA_redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.4-3.GA_redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.4-3.GA_redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.4-3.GA_redhat_00011.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"product": {
"name": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"product_id": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-el7-x86_64@2.2.0-2.Final_redhat_00002.1.el7eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"product": {
"name": "eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"product_id": "eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-el7-x86_64-debuginfo@2.2.0-2.Final_redhat_00002.1.el7eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64"
},
"product_reference": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64"
},
"product_reference": "eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4104",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031667"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker\u0027s JNDI LDAP endpoint.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Based on the conditions to be exploitable (see details below), the risk is much lower than Log4j 2.x and Red Hat has assessed this to be Moderate severity. This flaw has been filed for Log4j 1.x, and the corresponding flaw information for Log4j 2.x is available at: https://access.redhat.com/security/cve/CVE-2021-44228\n\nNote this flaw ONLY affects applications which are specifically configured to use JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender to the attacker\u0027s JNDI LDAP endpoint. \n\nIf the Log4j configuration is set TopicBindingName or TopicConnectionFactoryBindingName configurations allowing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228 Log4j 2.x, Log4j 1.x is vulnerable. However, the attack vector is reduced as it depends on having write access, which is not a standard configuration rather than untrusted user input. These are sufficient factors beyond the attacker\u0027s control.\n\nThe tomcat package shipped with Red Hat Enterprise Linux does not include log4j but it does include a default configuration for log4j, log4j.properties, which could be used with tomcat if users choose to install and configure the library. The JMSAppender is not enabled by default, and the permissions of the file can only be modified as root.\n\nRed Hat Virtualization ships log4j12-1.2.17, but it is used and configured in a way which makes this flaw not possible to exploit. Therefore impact is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4104"
},
{
"category": "external",
"summary": "RHBZ#2031667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667"
},
{
"category": "external",
"summary": "RHSB-2021-009",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126",
"url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301",
"url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx",
"url": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/13/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/13/1"
}
],
"release_date": "2021-12-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T12:59:41+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSAppender in the Log4j configuration if it is used\n- Remove the JMSAppender class from the classpath. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSAppender.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T12:59:41+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T12:59:41+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T12:59:41+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
},
{
"cve": "CVE-2022-23302",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSSink in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if JMSSink is deployed and has been configured to perform JNDI requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this flaw ONLY affects applications which are specifically configured to use JMSSink, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSSink to the attacker\u0027s JNDI LDAP endpoint.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JMSSink is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23302"
},
{
"category": "external",
"summary": "RHBZ#2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/3",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/3"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T12:59:41+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSSink in the Log4j configuration if it is used\n- Remove the JMSSink class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSSink.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink"
},
{
"cve": "CVE-2022-23305",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain interpolation tokens.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JDBCAppender is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23305"
},
{
"category": "external",
"summary": "RHBZ#2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/4",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/4"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T12:59:41+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JDBCAppender in the Log4j configuration if it is used\n- Remove the JDBCAppender class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/jdbc/JDBCAppender.class\n```",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender"
},
{
"cve": "CVE-2022-23307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041967"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Unsafe deserialization flaw in Chainsaw log viewer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Chainsaw is a standalone graphical user interface for viewing log entries in log4j. This flaw may be bypassed by using other available means to access log entries.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization ships a vulnerable version of the log4j package, however chainsaw is not part of typical use cases. An attacker looking to exploit this would need to not only be able to generate a malicious log entry, but also have the necessary access and permissions to start chainsaw on the engine node. Therefore the impact of this vulnerability for Red Hat Virtualization is rated Low.\n\nSimilar to Red Hat Virtualization in OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of log4j package, however vulnerable chainsaw component is not used by default. Therefore the impact to OCP is reduced to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23307"
},
{
"category": "external",
"summary": "RHBZ#2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/5",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/5"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T12:59:41+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "workaround",
"details": "These are the mitigations available for this flaw for log4j 1.x:\n- Avoid using Chainsaw to view logs, and instead use some other utility, especially if there is a log view available within the product itself.\n- Remove the Chainsaw classes from the log4j jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/chainsaw/*\n```\n(log4j jars may be nested in zip archives within product)",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Unsafe deserialization flaw in Chainsaw log viewer"
}
]
}
RHSA-2022_0225
Vulnerability from csaf_redhat - Published: 2022-01-20 21:09 - Updated: 2024-11-24 21:30Summary
Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.0.12)
Notes
Topic
An update is now available for OpenShift Logging (5.0.12)
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Openshift Logging Bug Fix Release (5.0.12)
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for OpenShift Logging (5.0.12)\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Openshift Logging Bug Fix Release (5.0.12)\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0225",
"url": "https://access.redhat.com/errata/RHSA-2022:0225"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "LOG-2089",
"url": "https://issues.redhat.com/browse/LOG-2089"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0225.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.0.12)",
"tracking": {
"current_release_date": "2024-11-24T21:30:04+00:00",
"generator": {
"date": "2024-11-24T21:30:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0225",
"initial_release_date": "2022-01-20T21:09:05+00:00",
"revision_history": [
{
"date": "2022-01-20T21:09:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T21:09:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T21:30:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Logging 5.0",
"product": {
"name": "OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.12-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.12-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.12-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T21:09:05+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0225"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:88c8992a0850de9983c13c3a8e5b5cb2ed1779e31e86c0c7195ab0d38fc2727d_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:6444d97d9ed0d5e07c8df5a9ae55cb431250c5432cec6e90ecaae0fbe00be6d5_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:989d85eee44074af63c6aea0f80a11c86338a32eed0db930feec87c7d08d5135_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:e5f8312c65a081ae6433e9d8ed6e81682f5883781f4c757585559800b19fcb94_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:6fda7c65e256b5ca27a3e0b99d5289fd3eb67cc738787f659ee449e79e01e56c_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:411a7dc6932d910e53aeb09320d25325ff4228930ae198cfe67d21404fa0e3ed_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a3a23a88514f9f9117f2dceb99c7686b2056ebf3b7dd3c82efa34f5855e549e8_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:dba9c39a48e4f4a93db4daa1d596a08fc60c8c55c6b7889a7b69be241c7cd119_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:31ee1ebcb1276a491a5fee1b86aacbd1ebc0c07bdd4c9b536ce95c948995b6d0_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:87a757926b3934d21632b830511ca077d9fdb12417fa8886fad85c10143a6842_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:d9b8605f7d19097c5f0a91d678cc2f102af892878871880023fc41721b276ef7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4afc627224c584844325fac536c2e8f0b510fa4ff84b9b05bdafe2d8505f4eac_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:b64462859b9229e261a14035b65ab702bd301fcba043254796c9bf28205e6d79_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:f659b70ed9b1ecb132337b75e6b3891f3e0452be4bf39e3cff517a51d6520f7a_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:70d1eeac2c53a0c77fdcf1ae305c12786227aa6e7f4f1f3ab4365a119111f1ea_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:a1fce6215b404d0107dc435c7f3458d7c3acc4f927ad177af43b18c9cadc1bb1_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:b7139adf92aec389c86c3d2911773520abe984a6902cf92f1d7a124480f60823_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:23a36e4ba3a8c26585c28a0fc1a947a2f35092fdc92631c9e242928556143374_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:749d9a8434d2c5a4251d59701a3a57ece72b2fe8f3a450c6e3161905cbbd4ce3_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:7cc111b0928dd598abfe6f4db5c021e056e7fa1270a3953168924f5194f00db5_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:3f1a81fdc28c7254be59a8a3630f4c36c05f655bab886627393823ffa9ad2cf6_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:76bb02283a7740fbc2f25fd95e0f0b30118a585296a62bcc745872ecdd93ba1e_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:f561d39b3e7249000f22471454d04323d529217842e293d0bc10af30acaa7ad8_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:15aef84c7916059dbddcdb5abadf9bd17ce282d4ab1e85c7b9473a025fc1d7ae_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:5b6bd22611e78f26389183e0e3cc6f860eda122720909a3644f6edc7eae4e8da_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:c014b38a59a73f425c8ebd764148bad4956f24eda4670c42fd67826546df01be_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022:0467
Vulnerability from csaf_redhat - Published: 2022-02-08 12:52 - Updated: 2025-11-21 18:28Summary
Red Hat Security Advisory: Red Hat AMQ Streams 1.6.7 release and security update
Notes
Topic
Red Hat AMQ Streams 1.6.7 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency.
This release of Red Hat AMQ Streams 1.6.7 serves as a replacement for Red Hat AMQ Streams 1.6.6, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)
* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)
* kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AMQ Streams 1.6.7 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 1.6.7 serves as a replacement for Red Hat AMQ Streams 1.6.6, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0467",
"url": "https://access.redhat.com/errata/RHSA-2022:0467"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=1.6.7",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=1.6.7"
},
{
"category": "external",
"summary": "2034388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034388"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0467.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AMQ Streams 1.6.7 release and security update",
"tracking": {
"current_release_date": "2025-11-21T18:28:38+00:00",
"generator": {
"date": "2025-11-21T18:28:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0467",
"initial_release_date": "2022-02-08T12:52:13+00:00",
"revision_history": [
{
"date": "2022-02-08T12:52:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-08T12:52:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:28:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AMQ Streams 1.6.7",
"product": {
"name": "Red Hat AMQ Streams 1.6.7",
"product_id": "Red Hat AMQ Streams 1.6.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss AMQ"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Jordy Versmissen"
]
}
],
"cve": "CVE-2021-4178",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034388"
}
],
"notes": [
{
"category": "description",
"text": "A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes-client: Insecure deserialization in unmarshalYaml method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CodeReady Studio 12 is not affected by this flaw because it does not ship a vulnerable version of kubernetes-client; the version that it ships does not use SnakeYAML.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 1.6.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4178"
},
{
"category": "external",
"summary": "RHBZ#2034388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4178",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4178"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4178",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4178"
}
],
"release_date": "2022-01-05T15:05:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T12:52:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0467"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes-client: Insecure deserialization in unmarshalYaml method"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 1.6.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T12:52:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0467"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2022-23302",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSSink in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if JMSSink is deployed and has been configured to perform JNDI requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this flaw ONLY affects applications which are specifically configured to use JMSSink, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSSink to the attacker\u0027s JNDI LDAP endpoint.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JMSSink is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 1.6.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23302"
},
{
"category": "external",
"summary": "RHBZ#2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/3",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/3"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T12:52:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0467"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSSink in the Log4j configuration if it is used\n- Remove the JMSSink class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSSink.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink"
},
{
"cve": "CVE-2022-23305",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain interpolation tokens.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JDBCAppender is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 1.6.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23305"
},
{
"category": "external",
"summary": "RHBZ#2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/4",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/4"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T12:52:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0467"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JDBCAppender in the Log4j configuration if it is used\n- Remove the JDBCAppender class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/jdbc/JDBCAppender.class\n```",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender"
},
{
"cve": "CVE-2022-23307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041967"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Unsafe deserialization flaw in Chainsaw log viewer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Chainsaw is a standalone graphical user interface for viewing log entries in log4j. This flaw may be bypassed by using other available means to access log entries.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization ships a vulnerable version of the log4j package, however chainsaw is not part of typical use cases. An attacker looking to exploit this would need to not only be able to generate a malicious log entry, but also have the necessary access and permissions to start chainsaw on the engine node. Therefore the impact of this vulnerability for Red Hat Virtualization is rated Low.\n\nSimilar to Red Hat Virtualization in OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of log4j package, however vulnerable chainsaw component is not used by default. Therefore the impact to OCP is reduced to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 1.6.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23307"
},
{
"category": "external",
"summary": "RHBZ#2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/5",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/5"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T12:52:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0467"
},
{
"category": "workaround",
"details": "These are the mitigations available for this flaw for log4j 1.x:\n- Avoid using Chainsaw to view logs, and instead use some other utility, especially if there is a log view available within the product itself.\n- Remove the Chainsaw classes from the log4j jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/chainsaw/*\n```\n(log4j jars may be nested in zip archives within product)",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: Unsafe deserialization flaw in Chainsaw log viewer"
}
]
}
RHSA-2022_0467
Vulnerability from csaf_redhat - Published: 2022-02-08 12:52 - Updated: 2024-11-26 02:52Summary
Red Hat Security Advisory: Red Hat AMQ Streams 1.6.7 release and security update
Notes
Topic
Red Hat AMQ Streams 1.6.7 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency.
This release of Red Hat AMQ Streams 1.6.7 serves as a replacement for Red Hat AMQ Streams 1.6.6, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)
* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)
* kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AMQ Streams 1.6.7 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 1.6.7 serves as a replacement for Red Hat AMQ Streams 1.6.6, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0467",
"url": "https://access.redhat.com/errata/RHSA-2022:0467"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=1.6.7",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=1.6.7"
},
{
"category": "external",
"summary": "2034388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034388"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0467.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AMQ Streams 1.6.7 release and security update",
"tracking": {
"current_release_date": "2024-11-26T02:52:09+00:00",
"generator": {
"date": "2024-11-26T02:52:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0467",
"initial_release_date": "2022-02-08T12:52:13+00:00",
"revision_history": [
{
"date": "2022-02-08T12:52:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-08T12:52:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-26T02:52:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AMQ Streams 1.6.7",
"product": {
"name": "Red Hat AMQ Streams 1.6.7",
"product_id": "Red Hat AMQ Streams 1.6.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss AMQ"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Jordy Versmissen"
]
}
],
"cve": "CVE-2021-4178",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034388"
}
],
"notes": [
{
"category": "description",
"text": "A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes-client: Insecure deserialization in unmarshalYaml method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CodeReady Studio 12 is not affected by this flaw because it does not ship a vulnerable version of kubernetes-client; the version that it ships does not use SnakeYAML.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 1.6.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4178"
},
{
"category": "external",
"summary": "RHBZ#2034388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4178",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4178"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4178",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4178"
}
],
"release_date": "2022-01-05T15:05:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T12:52:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0467"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes-client: Insecure deserialization in unmarshalYaml method"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 1.6.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T12:52:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0467"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2022-23302",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSSink in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if JMSSink is deployed and has been configured to perform JNDI requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this flaw ONLY affects applications which are specifically configured to use JMSSink, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSSink to the attacker\u0027s JNDI LDAP endpoint.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JMSSink is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 1.6.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23302"
},
{
"category": "external",
"summary": "RHBZ#2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/3",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/3"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T12:52:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0467"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSSink in the Log4j configuration if it is used\n- Remove the JMSSink class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSSink.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink"
},
{
"cve": "CVE-2022-23305",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain interpolation tokens.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JDBCAppender is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 1.6.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23305"
},
{
"category": "external",
"summary": "RHBZ#2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/4",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/4"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T12:52:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0467"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JDBCAppender in the Log4j configuration if it is used\n- Remove the JDBCAppender class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/jdbc/JDBCAppender.class\n```",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender"
},
{
"cve": "CVE-2022-23307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041967"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Unsafe deserialization flaw in Chainsaw log viewer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Chainsaw is a standalone graphical user interface for viewing log entries in log4j. This flaw may be bypassed by using other available means to access log entries.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization ships a vulnerable version of the log4j package, however chainsaw is not part of typical use cases. An attacker looking to exploit this would need to not only be able to generate a malicious log entry, but also have the necessary access and permissions to start chainsaw on the engine node. Therefore the impact of this vulnerability for Red Hat Virtualization is rated Low.\n\nSimilar to Red Hat Virtualization in OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of log4j package, however vulnerable chainsaw component is not used by default. Therefore the impact to OCP is reduced to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 1.6.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23307"
},
{
"category": "external",
"summary": "RHBZ#2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/5",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/5"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-08T12:52:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0467"
},
{
"category": "workaround",
"details": "These are the mitigations available for this flaw for log4j 1.x:\n- Avoid using Chainsaw to view logs, and instead use some other utility, especially if there is a log view available within the product itself.\n- Remove the Chainsaw classes from the log4j jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/chainsaw/*\n```\n(log4j jars may be nested in zip archives within product)",
"product_ids": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 1.6.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "log4j: Unsafe deserialization flaw in Chainsaw log viewer"
}
]
}
RHSA-2022_1299
Vulnerability from csaf_redhat - Published: 2022-04-11 13:00 - Updated: 2024-11-26 02:52Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.4 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)
* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:1299",
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2031667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "external",
"summary": "JBEAP-22105",
"url": "https://issues.redhat.com/browse/JBEAP-22105"
},
{
"category": "external",
"summary": "JBEAP-22385",
"url": "https://issues.redhat.com/browse/JBEAP-22385"
},
{
"category": "external",
"summary": "JBEAP-22731",
"url": "https://issues.redhat.com/browse/JBEAP-22731"
},
{
"category": "external",
"summary": "JBEAP-22738",
"url": "https://issues.redhat.com/browse/JBEAP-22738"
},
{
"category": "external",
"summary": "JBEAP-22819",
"url": "https://issues.redhat.com/browse/JBEAP-22819"
},
{
"category": "external",
"summary": "JBEAP-22839",
"url": "https://issues.redhat.com/browse/JBEAP-22839"
},
{
"category": "external",
"summary": "JBEAP-22864",
"url": "https://issues.redhat.com/browse/JBEAP-22864"
},
{
"category": "external",
"summary": "JBEAP-22904",
"url": "https://issues.redhat.com/browse/JBEAP-22904"
},
{
"category": "external",
"summary": "JBEAP-22911",
"url": "https://issues.redhat.com/browse/JBEAP-22911"
},
{
"category": "external",
"summary": "JBEAP-22912",
"url": "https://issues.redhat.com/browse/JBEAP-22912"
},
{
"category": "external",
"summary": "JBEAP-22913",
"url": "https://issues.redhat.com/browse/JBEAP-22913"
},
{
"category": "external",
"summary": "JBEAP-22935",
"url": "https://issues.redhat.com/browse/JBEAP-22935"
},
{
"category": "external",
"summary": "JBEAP-22945",
"url": "https://issues.redhat.com/browse/JBEAP-22945"
},
{
"category": "external",
"summary": "JBEAP-22973",
"url": "https://issues.redhat.com/browse/JBEAP-22973"
},
{
"category": "external",
"summary": "JBEAP-23038",
"url": "https://issues.redhat.com/browse/JBEAP-23038"
},
{
"category": "external",
"summary": "JBEAP-23040",
"url": "https://issues.redhat.com/browse/JBEAP-23040"
},
{
"category": "external",
"summary": "JBEAP-23045",
"url": "https://issues.redhat.com/browse/JBEAP-23045"
},
{
"category": "external",
"summary": "JBEAP-23101",
"url": "https://issues.redhat.com/browse/JBEAP-23101"
},
{
"category": "external",
"summary": "JBEAP-23105",
"url": "https://issues.redhat.com/browse/JBEAP-23105"
},
{
"category": "external",
"summary": "JBEAP-23143",
"url": "https://issues.redhat.com/browse/JBEAP-23143"
},
{
"category": "external",
"summary": "JBEAP-23177",
"url": "https://issues.redhat.com/browse/JBEAP-23177"
},
{
"category": "external",
"summary": "JBEAP-23323",
"url": "https://issues.redhat.com/browse/JBEAP-23323"
},
{
"category": "external",
"summary": "JBEAP-23373",
"url": "https://issues.redhat.com/browse/JBEAP-23373"
},
{
"category": "external",
"summary": "JBEAP-23374",
"url": "https://issues.redhat.com/browse/JBEAP-23374"
},
{
"category": "external",
"summary": "JBEAP-23375",
"url": "https://issues.redhat.com/browse/JBEAP-23375"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1299.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.4 security update",
"tracking": {
"current_release_date": "2024-11-26T02:52:49+00:00",
"generator": {
"date": "2024-11-26T02:52:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:1299",
"initial_release_date": "2022-04-11T13:00:49+00:00",
"revision_history": [
{
"date": "2022-04-11T13:00:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-04-11T13:00:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-26T02:52:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "EAP 7.4.4 release",
"product": {
"name": "EAP 7.4.4 release",
"product_id": "EAP 7.4.4 release",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4104",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031667"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker\u0027s JNDI LDAP endpoint.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Based on the conditions to be exploitable (see details below), the risk is much lower than Log4j 2.x and Red Hat has assessed this to be Moderate severity. This flaw has been filed for Log4j 1.x, and the corresponding flaw information for Log4j 2.x is available at: https://access.redhat.com/security/cve/CVE-2021-44228\n\nNote this flaw ONLY affects applications which are specifically configured to use JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender to the attacker\u0027s JNDI LDAP endpoint. \n\nIf the Log4j configuration is set TopicBindingName or TopicConnectionFactoryBindingName configurations allowing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228 Log4j 2.x, Log4j 1.x is vulnerable. However, the attack vector is reduced as it depends on having write access, which is not a standard configuration rather than untrusted user input. These are sufficient factors beyond the attacker\u0027s control.\n\nThe tomcat package shipped with Red Hat Enterprise Linux does not include log4j but it does include a default configuration for log4j, log4j.properties, which could be used with tomcat if users choose to install and configure the library. The JMSAppender is not enabled by default, and the permissions of the file can only be modified as root.\n\nRed Hat Virtualization ships log4j12-1.2.17, but it is used and configured in a way which makes this flaw not possible to exploit. Therefore impact is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.4 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4104"
},
{
"category": "external",
"summary": "RHBZ#2031667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667"
},
{
"category": "external",
"summary": "RHSB-2021-009",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126",
"url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301",
"url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx",
"url": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/13/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/13/1"
}
],
"release_date": "2021-12-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"EAP 7.4.4 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSAppender in the Log4j configuration if it is used\n- Remove the JMSAppender class from the classpath. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSAppender.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.",
"product_ids": [
"EAP 7.4.4 release"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"EAP 7.4.4 release"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.4 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"EAP 7.4.4 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"EAP 7.4.4 release"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"EAP 7.4.4 release"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.4 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"EAP 7.4.4 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"EAP 7.4.4 release"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"EAP 7.4.4 release"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.4 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"EAP 7.4.4 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"EAP 7.4.4 release"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"EAP 7.4.4 release"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
},
{
"cve": "CVE-2022-23302",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSSink in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if JMSSink is deployed and has been configured to perform JNDI requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this flaw ONLY affects applications which are specifically configured to use JMSSink, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSSink to the attacker\u0027s JNDI LDAP endpoint.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JMSSink is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.4 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23302"
},
{
"category": "external",
"summary": "RHBZ#2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/3",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/3"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"EAP 7.4.4 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSSink in the Log4j configuration if it is used\n- Remove the JMSSink class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSSink.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.",
"product_ids": [
"EAP 7.4.4 release"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"EAP 7.4.4 release"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink"
},
{
"cve": "CVE-2022-23305",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain interpolation tokens.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JDBCAppender is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.4 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23305"
},
{
"category": "external",
"summary": "RHBZ#2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/4",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/4"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"EAP 7.4.4 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JDBCAppender in the Log4j configuration if it is used\n- Remove the JDBCAppender class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/jdbc/JDBCAppender.class\n```",
"product_ids": [
"EAP 7.4.4 release"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"EAP 7.4.4 release"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender"
},
{
"cve": "CVE-2022-23307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041967"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Unsafe deserialization flaw in Chainsaw log viewer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Chainsaw is a standalone graphical user interface for viewing log entries in log4j. This flaw may be bypassed by using other available means to access log entries.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization ships a vulnerable version of the log4j package, however chainsaw is not part of typical use cases. An attacker looking to exploit this would need to not only be able to generate a malicious log entry, but also have the necessary access and permissions to start chainsaw on the engine node. Therefore the impact of this vulnerability for Red Hat Virtualization is rated Low.\n\nSimilar to Red Hat Virtualization in OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of log4j package, however vulnerable chainsaw component is not used by default. Therefore the impact to OCP is reduced to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.4 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23307"
},
{
"category": "external",
"summary": "RHBZ#2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/5",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/5"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"EAP 7.4.4 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "workaround",
"details": "These are the mitigations available for this flaw for log4j 1.x:\n- Avoid using Chainsaw to view logs, and instead use some other utility, especially if there is a log view available within the product itself.\n- Remove the Chainsaw classes from the log4j jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/chainsaw/*\n```\n(log4j jars may be nested in zip archives within product)",
"product_ids": [
"EAP 7.4.4 release"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"EAP 7.4.4 release"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Unsafe deserialization flaw in Chainsaw log viewer"
}
]
}
RHSA-2022:1297
Vulnerability from csaf_redhat - Published: 2022-04-11 13:00 - Updated: 2025-11-21 18:29Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.4 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)
* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:1297",
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2031667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "external",
"summary": "JBEAP-22105",
"url": "https://issues.redhat.com/browse/JBEAP-22105"
},
{
"category": "external",
"summary": "JBEAP-22385",
"url": "https://issues.redhat.com/browse/JBEAP-22385"
},
{
"category": "external",
"summary": "JBEAP-22731",
"url": "https://issues.redhat.com/browse/JBEAP-22731"
},
{
"category": "external",
"summary": "JBEAP-22738",
"url": "https://issues.redhat.com/browse/JBEAP-22738"
},
{
"category": "external",
"summary": "JBEAP-22819",
"url": "https://issues.redhat.com/browse/JBEAP-22819"
},
{
"category": "external",
"summary": "JBEAP-22839",
"url": "https://issues.redhat.com/browse/JBEAP-22839"
},
{
"category": "external",
"summary": "JBEAP-22864",
"url": "https://issues.redhat.com/browse/JBEAP-22864"
},
{
"category": "external",
"summary": "JBEAP-22900",
"url": "https://issues.redhat.com/browse/JBEAP-22900"
},
{
"category": "external",
"summary": "JBEAP-22904",
"url": "https://issues.redhat.com/browse/JBEAP-22904"
},
{
"category": "external",
"summary": "JBEAP-22911",
"url": "https://issues.redhat.com/browse/JBEAP-22911"
},
{
"category": "external",
"summary": "JBEAP-22912",
"url": "https://issues.redhat.com/browse/JBEAP-22912"
},
{
"category": "external",
"summary": "JBEAP-22913",
"url": "https://issues.redhat.com/browse/JBEAP-22913"
},
{
"category": "external",
"summary": "JBEAP-22935",
"url": "https://issues.redhat.com/browse/JBEAP-22935"
},
{
"category": "external",
"summary": "JBEAP-22945",
"url": "https://issues.redhat.com/browse/JBEAP-22945"
},
{
"category": "external",
"summary": "JBEAP-22973",
"url": "https://issues.redhat.com/browse/JBEAP-22973"
},
{
"category": "external",
"summary": "JBEAP-23038",
"url": "https://issues.redhat.com/browse/JBEAP-23038"
},
{
"category": "external",
"summary": "JBEAP-23040",
"url": "https://issues.redhat.com/browse/JBEAP-23040"
},
{
"category": "external",
"summary": "JBEAP-23045",
"url": "https://issues.redhat.com/browse/JBEAP-23045"
},
{
"category": "external",
"summary": "JBEAP-23101",
"url": "https://issues.redhat.com/browse/JBEAP-23101"
},
{
"category": "external",
"summary": "JBEAP-23105",
"url": "https://issues.redhat.com/browse/JBEAP-23105"
},
{
"category": "external",
"summary": "JBEAP-23143",
"url": "https://issues.redhat.com/browse/JBEAP-23143"
},
{
"category": "external",
"summary": "JBEAP-23177",
"url": "https://issues.redhat.com/browse/JBEAP-23177"
},
{
"category": "external",
"summary": "JBEAP-23323",
"url": "https://issues.redhat.com/browse/JBEAP-23323"
},
{
"category": "external",
"summary": "JBEAP-23373",
"url": "https://issues.redhat.com/browse/JBEAP-23373"
},
{
"category": "external",
"summary": "JBEAP-23374",
"url": "https://issues.redhat.com/browse/JBEAP-23374"
},
{
"category": "external",
"summary": "JBEAP-23375",
"url": "https://issues.redhat.com/browse/JBEAP-23375"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1297.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.4 security update",
"tracking": {
"current_release_date": "2025-11-21T18:29:49+00:00",
"generator": {
"date": "2025-11-21T18:29:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:1297",
"initial_release_date": "2022-04-11T13:00:18+00:00",
"revision_history": [
{
"date": "2022-04-11T13:00:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-04-11T13:00:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:29:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.6-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xom@1.3.7-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.9-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.16-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"product_id": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.25-1.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.11.4-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-7.redhat_00034.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.11-1.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"product_id": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-objectweb-asm@9.1.0-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.15-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.16-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.10-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"product_id": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ecj@3.26.0-1.redhat_00002.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.4-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl@2.2.0-3.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-el8-x86_64@2.2.0-2.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-15.Final_redhat_00014.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.4-3.GA_redhat_00011.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xom@1.3.7-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.25-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.25-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.25-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.25-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.25-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.11.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-7.redhat_00034.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.11-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.11-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-objectweb-asm@9.1.0-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-component-annotations@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@11.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.10-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ecj@3.26.0-1.redhat_00002.1.el8eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl@2.2.0-3.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-java@2.2.0-3.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-15.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-15.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-15.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.4-3.GA_redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.4-3.GA_redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.4-3.GA_redhat_00011.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"product": {
"name": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"product_id": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-el8-x86_64@2.2.0-2.Final_redhat_00002.1.el8eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"product": {
"name": "eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"product_id": "eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-el8-x86_64-debuginfo@2.2.0-2.Final_redhat_00002.1.el8eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64"
},
"product_reference": "eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64"
},
"product_reference": "eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4104",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031667"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker\u0027s JNDI LDAP endpoint.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Based on the conditions to be exploitable (see details below), the risk is much lower than Log4j 2.x and Red Hat has assessed this to be Moderate severity. This flaw has been filed for Log4j 1.x, and the corresponding flaw information for Log4j 2.x is available at: https://access.redhat.com/security/cve/CVE-2021-44228\n\nNote this flaw ONLY affects applications which are specifically configured to use JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender to the attacker\u0027s JNDI LDAP endpoint. \n\nIf the Log4j configuration is set TopicBindingName or TopicConnectionFactoryBindingName configurations allowing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228 Log4j 2.x, Log4j 1.x is vulnerable. However, the attack vector is reduced as it depends on having write access, which is not a standard configuration rather than untrusted user input. These are sufficient factors beyond the attacker\u0027s control.\n\nThe tomcat package shipped with Red Hat Enterprise Linux does not include log4j but it does include a default configuration for log4j, log4j.properties, which could be used with tomcat if users choose to install and configure the library. The JMSAppender is not enabled by default, and the permissions of the file can only be modified as root.\n\nRed Hat Virtualization ships log4j12-1.2.17, but it is used and configured in a way which makes this flaw not possible to exploit. Therefore impact is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4104"
},
{
"category": "external",
"summary": "RHBZ#2031667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667"
},
{
"category": "external",
"summary": "RHSB-2021-009",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126",
"url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301",
"url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx",
"url": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/13/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/13/1"
}
],
"release_date": "2021-12-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:18+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSAppender in the Log4j configuration if it is used\n- Remove the JMSAppender class from the classpath. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSAppender.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:18+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:18+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:18+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
},
{
"cve": "CVE-2022-23302",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSSink in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if JMSSink is deployed and has been configured to perform JNDI requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this flaw ONLY affects applications which are specifically configured to use JMSSink, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSSink to the attacker\u0027s JNDI LDAP endpoint.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JMSSink is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23302"
},
{
"category": "external",
"summary": "RHBZ#2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/3",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/3"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:18+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSSink in the Log4j configuration if it is used\n- Remove the JMSSink class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSSink.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink"
},
{
"cve": "CVE-2022-23305",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain interpolation tokens.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JDBCAppender is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23305"
},
{
"category": "external",
"summary": "RHBZ#2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/4",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/4"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:18+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JDBCAppender in the Log4j configuration if it is used\n- Remove the JDBCAppender class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/jdbc/JDBCAppender.class\n```",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender"
},
{
"cve": "CVE-2022-23307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041967"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Unsafe deserialization flaw in Chainsaw log viewer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Chainsaw is a standalone graphical user interface for viewing log entries in log4j. This flaw may be bypassed by using other available means to access log entries.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization ships a vulnerable version of the log4j package, however chainsaw is not part of typical use cases. An attacker looking to exploit this would need to not only be able to generate a malicious log entry, but also have the necessary access and permissions to start chainsaw on the engine node. Therefore the impact of this vulnerability for Red Hat Virtualization is rated Low.\n\nSimilar to Red Hat Virtualization in OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of log4j package, however vulnerable chainsaw component is not used by default. Therefore the impact to OCP is reduced to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23307"
},
{
"category": "external",
"summary": "RHBZ#2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/5",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/5"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T13:00:18+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "workaround",
"details": "These are the mitigations available for this flaw for log4j 1.x:\n- Avoid using Chainsaw to view logs, and instead use some other utility, especially if there is a log view available within the product itself.\n- Remove the Chainsaw classes from the log4j jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/chainsaw/*\n```\n(log4j jars may be nested in zip archives within product)",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-el8-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Unsafe deserialization flaw in Chainsaw log viewer"
}
]
}
RHSA-2022_0083
Vulnerability from csaf_redhat - Published: 2022-01-20 12:12 - Updated: 2024-11-24 21:30Summary
Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.1.8 security update
Notes
Topic
An update is now available for Red Hat build of Eclipse Vert.x.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.
Details
This release of Red Hat build of Eclipse Vert.x 4.1.8 GA includes security updates. For more information, see the release notes listed in the References section.
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Eclipse Vert.x.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Eclipse Vert.x 4.1.8 GA includes security updates. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0083",
"url": "https://access.redhat.com/errata/RHSA-2022:0083"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.1.8",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.1.8"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.1/html/release_notes_for_eclipse_vert.x_4.1/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.1/html/release_notes_for_eclipse_vert.x_4.1/index"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0083.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.1.8 security update",
"tracking": {
"current_release_date": "2024-11-24T21:30:53+00:00",
"generator": {
"date": "2024-11-24T21:30:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0083",
"initial_release_date": "2022-01-20T12:12:50+00:00",
"revision_history": [
{
"date": "2022-01-20T12:12:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T12:12:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T21:30:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Vert.x 4.1.8",
"product": {
"name": "Vert.x 4.1.8",
"product_id": "Vert.x 4.1.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Application Runtimes"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Vert.x 4.1.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T12:12:50+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Vert.x 4.1.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0083"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Vert.x 4.1.8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Vert.x 4.1.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Vert.x 4.1.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T12:12:50+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Vert.x 4.1.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0083"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Vert.x 4.1.8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Vert.x 4.1.8"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Vert.x 4.1.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T12:12:50+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Vert.x 4.1.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0083"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Vert.x 4.1.8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Vert.x 4.1.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022_0493
Vulnerability from csaf_redhat - Published: 2022-02-16 11:29 - Updated: 2024-11-25 10:49Summary
Red Hat Security Advisory: OpenShift Container Platform 4.7.43 security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.7.43 is now available with
updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.43. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2022:0492
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.7.43 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.7.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.43. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2022:0492\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0493",
"url": "https://access.redhat.com/errata/RHSA-2022:0493"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0493.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.7.43 security update",
"tracking": {
"current_release_date": "2024-11-25T10:49:17+00:00",
"generator": {
"date": "2024-11-25T10:49:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0493",
"initial_release_date": "2022-02-16T11:29:57+00:00",
"revision_history": [
{
"date": "2022-02-16T11:29:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-16T11:29:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-25T10:49:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.7",
"product": {
"name": "Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.7::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x",
"product": {
"name": "openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x",
"product_id": "openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.7.0-202201261123.p0.g7295089.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.7.0-202201261123.p0.g1acc3dd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.7.0-202201261123.p0.ga500af3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.7.0-202201261123.p0.g3a0d90c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.7.0-202201261123.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x",
"product_id": "openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.7.0-202201261123.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.7.0-202201261123.p0.ga054523.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x",
"product_id": "openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.7.0-202201261123.p0.g5b1bc4f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x",
"product_id": "openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x",
"product_id": "openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.7.0-202201261123.p0.g32653a9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x",
"product": {
"name": "openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x",
"product_id": "openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x",
"product": {
"name": "openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x",
"product_id": "openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x",
"product": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x",
"product_id": "openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-operator-sdk-rhel8\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.7.0-202201261123.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x",
"product": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x",
"product_id": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8\u0026tag=v4.7.0-202201261123.p0.g1987544.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.7.0-202201261123.p0.g3787d15.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g3787d15.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.7.0-202201261123.p0.gd12134c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g2945596.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x",
"product_id": "openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.7.0-202202020525.p0.g1383028.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x",
"product": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x",
"product_id": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/kubernetes-nmstate-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g1987544.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x",
"product": {
"name": "openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x",
"product_id": "openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.7.0-202201261123.p0.g6602684.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x",
"product": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x",
"product_id": "openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-mustgather-rhel8\u0026tag=v4.7.0-202201261537.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.7.0-202201261123.p0.gdccc202.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x",
"product": {
"name": "openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x",
"product_id": "openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.7.0-202202011649.p0.g70c7f85.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x",
"product_id": "openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.7.0-202201261123.p0.g0853bcd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.7.0-202201261123.p0.g8b2e494.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g49937fc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x",
"product": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x",
"product_id": "openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ptp-must-gather-rhel8\u0026tag=v4.7.0-202201261123.p0.g0853bcd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x",
"product_id": "openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.7.0-202201261123.p0.g2ad0912.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.7.0-202201261123.p0.g552c314.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.7.0-202201261123.p0.g6d9de39.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x",
"product_id": "openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64",
"product": {
"name": "openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64",
"product_id": "openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.7.0-202201261123.p0.g7295089.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.7.0-202201261123.p0.g1acc3dd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.7.0-202201261123.p0.ga500af3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64",
"product": {
"name": "openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64",
"product_id": "openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ghostunnel\u0026tag=v4.7.0-202201261123.p0.g7907399.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64",
"product": {
"name": "openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64",
"product_id": "openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hadoop\u0026tag=v4.7.0-202201271626.p0.g6046504.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"product": {
"name": "openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"product_id": "openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hive\u0026tag=v4.7.0-202201271626.p0.g12e974d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.7.0-202201261123.p0.g3a0d90c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.7.0-202201261123.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64",
"product_id": "openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.7.0-202201261123.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.7.0-202201261123.p0.ga054523.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64",
"product_id": "openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.7.0-202201261123.p0.g5b1bc4f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64",
"product_id": "openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64",
"product_id": "openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.7.0-202201261123.p0.g32653a9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64",
"product": {
"name": "openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64",
"product_id": "openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64",
"product": {
"name": "openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64",
"product_id": "openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64",
"product": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64",
"product_id": "openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-operator-sdk-rhel8\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.7.0-202201261123.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64",
"product": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64",
"product_id": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8\u0026tag=v4.7.0-202201261123.p0.g1987544.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.7.0-202201261123.p0.g3787d15.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g3787d15.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.7.0-202201261123.p0.gd12134c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g2945596.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64",
"product_id": "openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.7.0-202202020525.p0.g1383028.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64",
"product": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64",
"product_id": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/kubernetes-nmstate-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g1987544.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64",
"product": {
"name": "openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64",
"product_id": "openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.7.0-202201261123.p0.g6602684.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64",
"product": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64",
"product_id": "openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-mustgather-rhel8\u0026tag=v4.7.0-202201261537.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64",
"product": {
"name": "openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64",
"product_id": "openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator\u0026tag=v4.7.0-202201271626.p0.g3959be4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.7.0-202201261123.p0.gdccc202.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64",
"product": {
"name": "openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64",
"product_id": "openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-reporting-operator\u0026tag=v4.7.0-202201261123.p0.g3959be4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64",
"product": {
"name": "openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64",
"product_id": "openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.7.0-202202011649.p0.g70c7f85.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64",
"product_id": "openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.7.0-202201261123.p0.g0853bcd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.7.0-202201261123.p0.g8b2e494.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g49937fc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64",
"product": {
"name": "openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64",
"product_id": "openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-presto\u0026tag=v4.7.0-202201271626.p0.g2155d34.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64",
"product": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64",
"product_id": "openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ptp-must-gather-rhel8\u0026tag=v4.7.0-202201261123.p0.g0853bcd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64",
"product_id": "openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.7.0-202201261123.p0.g2ad0912.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.7.0-202201261123.p0.g552c314.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.7.0-202201261123.p0.g6d9de39.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64",
"product_id": "openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le",
"product": {
"name": "openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le",
"product_id": "openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.7.0-202201261123.p0.g7295089.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.7.0-202201261123.p0.g1acc3dd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.7.0-202201261123.p0.ga500af3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.7.0-202201261123.p0.g3a0d90c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.7.0-202201261123.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le",
"product_id": "openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.7.0-202201261123.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.7.0-202201261123.p0.ga054523.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le",
"product_id": "openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.7.0-202201261123.p0.g5b1bc4f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le",
"product_id": "openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le",
"product_id": "openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.7.0-202201261123.p0.g32653a9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le",
"product": {
"name": "openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le",
"product_id": "openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le",
"product": {
"name": "openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le",
"product_id": "openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le",
"product": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le",
"product_id": "openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-operator-sdk-rhel8\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.7.0-202201261123.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le",
"product": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le",
"product_id": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8\u0026tag=v4.7.0-202201261123.p0.g1987544.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.7.0-202201261123.p0.g3787d15.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g3787d15.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.7.0-202201261123.p0.gd12134c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g2945596.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le",
"product_id": "openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.7.0-202202020525.p0.g1383028.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le",
"product": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le",
"product_id": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/kubernetes-nmstate-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g1987544.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le",
"product": {
"name": "openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le",
"product_id": "openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.7.0-202201261123.p0.g6602684.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le",
"product_id": "openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-mustgather-rhel8\u0026tag=v4.7.0-202201261537.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.7.0-202201261123.p0.gdccc202.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le",
"product": {
"name": "openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le",
"product_id": "openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.7.0-202202011649.p0.g70c7f85.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le",
"product_id": "openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.7.0-202201261123.p0.g0853bcd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.7.0-202201261123.p0.g8b2e494.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g49937fc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le",
"product": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le",
"product_id": "openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ptp-must-gather-rhel8\u0026tag=v4.7.0-202201261123.p0.g0853bcd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le",
"product_id": "openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.7.0-202201261123.p0.g2ad0912.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.7.0-202201261123.p0.g552c314.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.7.0-202201261123.p0.g6d9de39.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le",
"product_id": "openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64"
},
"product_reference": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x"
},
"product_reference": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le"
},
"product_reference": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64"
},
"product_reference": "openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x"
},
"product_reference": "openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le"
},
"product_reference": "openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x"
},
"product_reference": "openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le"
},
"product_reference": "openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64"
},
"product_reference": "openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x"
},
"product_reference": "openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64"
},
"product_reference": "openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le"
},
"product_reference": "openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64"
},
"product_reference": "openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64"
},
"product_reference": "openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x"
},
"product_reference": "openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le"
},
"product_reference": "openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x"
},
"product_reference": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le"
},
"product_reference": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64"
},
"product_reference": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64"
},
"product_reference": "openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x"
},
"product_reference": "openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64"
},
"product_reference": "openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64"
},
"product_reference": "openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64"
},
"product_reference": "openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64"
},
"product_reference": "openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64"
},
"product_reference": "openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le"
},
"product_reference": "openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64"
},
"product_reference": "openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x"
},
"product_reference": "openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le"
},
"product_reference": "openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64"
},
"product_reference": "openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x"
},
"product_reference": "openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x"
},
"product_reference": "openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64"
},
"product_reference": "openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le"
},
"product_reference": "openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64",
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x",
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x",
"8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64",
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x",
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x",
"8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-16T11:29:57+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0493"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64",
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x",
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x",
"8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022:0236
Vulnerability from csaf_redhat - Published: 2022-01-25 15:25 - Updated: 2025-11-21 18:28Summary
Red Hat Security Advisory: OpenShift Container Platform 3.11.570 security update
Notes
Topic
Red Hat OpenShift Container Platform release 3.11.570 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 3.11.570 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0236",
"url": "https://access.redhat.com/errata/RHSA-2022:0236"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0236.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 3.11.570 security update",
"tracking": {
"current_release_date": "2025-11-21T18:28:05+00:00",
"generator": {
"date": "2025-11-21T18:28:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0236",
"initial_release_date": "2022-01-25T15:25:30+00:00",
"revision_history": [
{
"date": "2022-01-25T15:25:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-25T15:25:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:28:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 3.11",
"product": {
"name": "Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:3.11::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64",
"product": {
"name": "openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64",
"product_id": "openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-curator5\u0026tag=v3.11.570-2.ge84e80c"
}
}
},
{
"category": "product_version",
"name": "openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64",
"product": {
"name": "openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64",
"product_id": "openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-elasticsearch5\u0026tag=v3.11.570-2.ge84e80c"
}
}
},
{
"category": "product_version",
"name": "openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64",
"product": {
"name": "openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64",
"product_id": "openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-eventrouter\u0026tag=v3.11.570-2"
}
}
},
{
"category": "product_version",
"name": "openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"product": {
"name": "openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"product_id": "openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-fluentd\u0026tag=v3.11.570-2.ge84e80c"
}
}
},
{
"category": "product_version",
"name": "openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"product": {
"name": "openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"product_id": "openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/logging-fluentd\u0026tag=v3.11.570-2.ge84e80c"
}
}
},
{
"category": "product_version",
"name": "openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64",
"product": {
"name": "openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64",
"product_id": "openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-kibana5\u0026tag=v3.11.570-2.ge84e80c"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64"
},
"product_reference": "openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64"
},
"product_reference": "openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64"
},
"product_reference": "openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64"
},
"product_reference": "openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64"
},
"product_reference": "openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64"
},
"product_reference": "openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T15:25:30+00:00",
"details": "For OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0236"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022_0216
Vulnerability from csaf_redhat - Published: 2022-01-20 16:00 - Updated: 2024-11-24 21:31Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0216",
"url": "https://access.redhat.com/errata/RHSA-2022:0216"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/6577421",
"url": "https://access.redhat.com/solutions/6577421"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0216.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update",
"tracking": {
"current_release_date": "2024-11-24T21:31:04+00:00",
"generator": {
"date": "2024-11-24T21:31:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0216",
"initial_release_date": "2022-01-20T16:00:06+00:00",
"revision_history": [
{
"date": "2022-01-20T16:00:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T16:00:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T21:31:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "EAP 7.4 log4j async",
"product": {
"name": "EAP 7.4 log4j async",
"product_id": "EAP 7.4 log4j async",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4 log4j async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T16:00:06+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"EAP 7.4 log4j async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0216"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"EAP 7.4 log4j async"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"EAP 7.4 log4j async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4 log4j async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T16:00:06+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"EAP 7.4 log4j async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0216"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"EAP 7.4 log4j async"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"EAP 7.4 log4j async"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4 log4j async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T16:00:06+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"EAP 7.4 log4j async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0216"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"EAP 7.4 log4j async"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"EAP 7.4 log4j async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022:0222
Vulnerability from csaf_redhat - Published: 2022-01-20 18:54 - Updated: 2025-11-21 18:28Summary
Red Hat Security Advisory: Red Hat Integration Camel Extensions for Quarkus 2.2 security update
Notes
Topic
A security update to Red Hat Integration Camel Extensions for Quarkus 2.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed.
Red Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This update of Red Hat Integration - Camel Extensions for Quarkus serves as a replacement for 2.2 GA and includes the following security Fix(es):
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update to Red Hat Integration Camel Extensions for Quarkus 2.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed.\n\nRed Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This update of Red Hat Integration - Camel Extensions for Quarkus serves as a replacement for 2.2 GA and includes the following security Fix(es):\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0222",
"url": "https://access.redhat.com/errata/RHSA-2022:0222"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2022-Q1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2022-Q1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_integration/2022.q1",
"url": "https://access.redhat.com/documentation/en-us/red_hat_integration/2022.q1"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0222.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Integration Camel Extensions for Quarkus 2.2 security update",
"tracking": {
"current_release_date": "2025-11-21T18:28:02+00:00",
"generator": {
"date": "2025-11-21T18:28:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0222",
"initial_release_date": "2022-01-20T18:54:26+00:00",
"revision_history": [
{
"date": "2022-01-20T18:54:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T18:54:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:28:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Integration Camel Extensions for Quarkus 2.2",
"product": {
"name": "Red Hat Integration Camel Extensions for Quarkus 2.2",
"product_id": "Red Hat Integration Camel Extensions for Quarkus 2.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:camel_quarkus:2.2"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:54:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0222"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:54:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0222"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:54:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0222"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022_1296
Vulnerability from csaf_redhat - Published: 2022-04-11 12:59 - Updated: 2024-11-26 02:53Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.4 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)
* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:1296",
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2031667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "external",
"summary": "JBEAP-22105",
"url": "https://issues.redhat.com/browse/JBEAP-22105"
},
{
"category": "external",
"summary": "JBEAP-22385",
"url": "https://issues.redhat.com/browse/JBEAP-22385"
},
{
"category": "external",
"summary": "JBEAP-22731",
"url": "https://issues.redhat.com/browse/JBEAP-22731"
},
{
"category": "external",
"summary": "JBEAP-22738",
"url": "https://issues.redhat.com/browse/JBEAP-22738"
},
{
"category": "external",
"summary": "JBEAP-22819",
"url": "https://issues.redhat.com/browse/JBEAP-22819"
},
{
"category": "external",
"summary": "JBEAP-22839",
"url": "https://issues.redhat.com/browse/JBEAP-22839"
},
{
"category": "external",
"summary": "JBEAP-22864",
"url": "https://issues.redhat.com/browse/JBEAP-22864"
},
{
"category": "external",
"summary": "JBEAP-22899",
"url": "https://issues.redhat.com/browse/JBEAP-22899"
},
{
"category": "external",
"summary": "JBEAP-22904",
"url": "https://issues.redhat.com/browse/JBEAP-22904"
},
{
"category": "external",
"summary": "JBEAP-22911",
"url": "https://issues.redhat.com/browse/JBEAP-22911"
},
{
"category": "external",
"summary": "JBEAP-22912",
"url": "https://issues.redhat.com/browse/JBEAP-22912"
},
{
"category": "external",
"summary": "JBEAP-22913",
"url": "https://issues.redhat.com/browse/JBEAP-22913"
},
{
"category": "external",
"summary": "JBEAP-22935",
"url": "https://issues.redhat.com/browse/JBEAP-22935"
},
{
"category": "external",
"summary": "JBEAP-22945",
"url": "https://issues.redhat.com/browse/JBEAP-22945"
},
{
"category": "external",
"summary": "JBEAP-22973",
"url": "https://issues.redhat.com/browse/JBEAP-22973"
},
{
"category": "external",
"summary": "JBEAP-23038",
"url": "https://issues.redhat.com/browse/JBEAP-23038"
},
{
"category": "external",
"summary": "JBEAP-23040",
"url": "https://issues.redhat.com/browse/JBEAP-23040"
},
{
"category": "external",
"summary": "JBEAP-23045",
"url": "https://issues.redhat.com/browse/JBEAP-23045"
},
{
"category": "external",
"summary": "JBEAP-23101",
"url": "https://issues.redhat.com/browse/JBEAP-23101"
},
{
"category": "external",
"summary": "JBEAP-23105",
"url": "https://issues.redhat.com/browse/JBEAP-23105"
},
{
"category": "external",
"summary": "JBEAP-23143",
"url": "https://issues.redhat.com/browse/JBEAP-23143"
},
{
"category": "external",
"summary": "JBEAP-23177",
"url": "https://issues.redhat.com/browse/JBEAP-23177"
},
{
"category": "external",
"summary": "JBEAP-23323",
"url": "https://issues.redhat.com/browse/JBEAP-23323"
},
{
"category": "external",
"summary": "JBEAP-23373",
"url": "https://issues.redhat.com/browse/JBEAP-23373"
},
{
"category": "external",
"summary": "JBEAP-23374",
"url": "https://issues.redhat.com/browse/JBEAP-23374"
},
{
"category": "external",
"summary": "JBEAP-23375",
"url": "https://issues.redhat.com/browse/JBEAP-23375"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1296.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.4 security update",
"tracking": {
"current_release_date": "2024-11-26T02:53:09+00:00",
"generator": {
"date": "2024-11-26T02:53:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:1296",
"initial_release_date": "2022-04-11T12:59:41+00:00",
"revision_history": [
{
"date": "2022-04-11T12:59:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-04-11T12:59:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-26T02:53:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.6-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xom@1.3.7-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.9-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.16-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"product_id": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.25-1.Final_redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.11.4-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-7.redhat_00034.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.11-1.Final_redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.15-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-objectweb-asm@9.1.0-1.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.16-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.10-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ecj@3.26.0-1.redhat_00002.1.el7eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.4-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-el7-x86_64@2.2.0-2.Final_redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl@2.2.0-3.Final_redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-15.Final_redhat_00014.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.4-3.GA_redhat_00011.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.6-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xom@1.3.7-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.25-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.25-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.25-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.25-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.25-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.11.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-7.redhat_00034.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.11-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.11-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-component-annotations@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@11.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-objectweb-asm@9.1.0-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-log4j@2.17.1-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.10-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ecj@3.26.0-1.redhat_00002.1.el7eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl@2.2.0-3.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-java@2.2.0-3.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-15.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-15.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-15.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.4-3.GA_redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.4-3.GA_redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.4-3.GA_redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.4-3.GA_redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.4-3.GA_redhat_00011.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"product": {
"name": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"product_id": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-el7-x86_64@2.2.0-2.Final_redhat_00002.1.el7eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"product": {
"name": "eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"product_id": "eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-el7-x86_64-debuginfo@2.2.0-2.Final_redhat_00002.1.el7eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64"
},
"product_reference": "eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64"
},
"product_reference": "eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4104",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031667"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker\u0027s JNDI LDAP endpoint.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Based on the conditions to be exploitable (see details below), the risk is much lower than Log4j 2.x and Red Hat has assessed this to be Moderate severity. This flaw has been filed for Log4j 1.x, and the corresponding flaw information for Log4j 2.x is available at: https://access.redhat.com/security/cve/CVE-2021-44228\n\nNote this flaw ONLY affects applications which are specifically configured to use JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender to the attacker\u0027s JNDI LDAP endpoint. \n\nIf the Log4j configuration is set TopicBindingName or TopicConnectionFactoryBindingName configurations allowing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228 Log4j 2.x, Log4j 1.x is vulnerable. However, the attack vector is reduced as it depends on having write access, which is not a standard configuration rather than untrusted user input. These are sufficient factors beyond the attacker\u0027s control.\n\nThe tomcat package shipped with Red Hat Enterprise Linux does not include log4j but it does include a default configuration for log4j, log4j.properties, which could be used with tomcat if users choose to install and configure the library. The JMSAppender is not enabled by default, and the permissions of the file can only be modified as root.\n\nRed Hat Virtualization ships log4j12-1.2.17, but it is used and configured in a way which makes this flaw not possible to exploit. Therefore impact is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4104"
},
{
"category": "external",
"summary": "RHBZ#2031667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667"
},
{
"category": "external",
"summary": "RHSB-2021-009",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126",
"url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301",
"url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx",
"url": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/13/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/13/1"
}
],
"release_date": "2021-12-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T12:59:41+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSAppender in the Log4j configuration if it is used\n- Remove the JMSAppender class from the classpath. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSAppender.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T12:59:41+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T12:59:41+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T12:59:41+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
},
{
"cve": "CVE-2022-23302",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSSink in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if JMSSink is deployed and has been configured to perform JNDI requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this flaw ONLY affects applications which are specifically configured to use JMSSink, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSSink to the attacker\u0027s JNDI LDAP endpoint.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JMSSink is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23302"
},
{
"category": "external",
"summary": "RHBZ#2041949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/3",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/3"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T12:59:41+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSSink in the Log4j configuration if it is used\n- Remove the JMSSink class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSSink.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink"
},
{
"cve": "CVE-2022-23305",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain interpolation tokens.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JDBCAppender is not used. Therefore the impact of this vulnerability for these products is rated Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23305"
},
{
"category": "external",
"summary": "RHBZ#2041959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/4",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/4"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T12:59:41+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "workaround",
"details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JDBCAppender in the Log4j configuration if it is used\n- Remove the JDBCAppender class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/jdbc/JDBCAppender.class\n```",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender"
},
{
"cve": "CVE-2022-23307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-01-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041967"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: Unsafe deserialization flaw in Chainsaw log viewer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Chainsaw is a standalone graphical user interface for viewing log entries in log4j. This flaw may be bypassed by using other available means to access log entries.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization ships a vulnerable version of the log4j package, however chainsaw is not part of typical use cases. An attacker looking to exploit this would need to not only be able to generate a malicious log entry, but also have the necessary access and permissions to start chainsaw on the engine node. Therefore the impact of this vulnerability for Red Hat Virtualization is rated Low.\n\nSimilar to Red Hat Virtualization in OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of log4j package, however vulnerable chainsaw component is not used by default. Therefore the impact to OCP is reduced to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23307"
},
{
"category": "external",
"summary": "RHBZ#2041967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/5",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/5"
}
],
"release_date": "2022-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-04-11T12:59:41+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "workaround",
"details": "These are the mitigations available for this flaw for log4j 1.x:\n- Avoid using Chainsaw to view logs, and instead use some other utility, especially if there is a log view available within the product itself.\n- Remove the Chainsaw classes from the log4j jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/chainsaw/*\n```\n(log4j jars may be nested in zip archives within product)",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-7.redhat_00034.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-7.redhat_00034.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ecj-1:3.26.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.25-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.25-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-15.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-15.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-0:5.11.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-narayana-compensations-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbosstxbridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jbossxts-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-idlj-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-jts-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-api-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-bridge-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-integration-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-restat-util-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-narayana-txframework-0:5.11.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-objectweb-asm-0:9.1.0-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.4-3.GA_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.11-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.11-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.4-3.GA_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-0:2.2.0-3.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-el7-x86_64-debuginfo-0:2.2.0-2.Final_redhat_00002.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-wildfly-openssl-java-0:2.2.0-3.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xom-0:1.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-yasson-0:1.0.10-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-log4j-0:2.17.1-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: Unsafe deserialization flaw in Chainsaw log viewer"
}
]
}
RHSA-2022_0205
Vulnerability from csaf_redhat - Published: 2022-01-20 11:39 - Updated: 2024-11-24 21:31Summary
Red Hat Security Advisory: Red Hat Data Grid 8.2.3 security update
Notes
Topic
An update for Red Hat Data Grid is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.
Data Grid 8.2.3 replaces Data Grid 8.2.2 and includes bug fixes and enhancements. Find out more about Data Grid 8.2.3 in the Release Notes [3].
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Data Grid is now available.\n \nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.\n \nData Grid 8.2.3 replaces Data Grid 8.2.2 and includes bug fixes and enhancements. Find out more about Data Grid 8.2.3 in the Release Notes [3].\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0205",
"url": "https://access.redhat.com/errata/RHSA-2022:0205"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=data.grid\u0026version=8.2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=data.grid\u0026version=8.2"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.2/html-single/red_hat_data_grid_8.2_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.2/html-single/red_hat_data_grid_8.2_release_notes/index"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0205.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Data Grid 8.2.3 security update",
"tracking": {
"current_release_date": "2024-11-24T21:31:16+00:00",
"generator": {
"date": "2024-11-24T21:31:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0205",
"initial_release_date": "2022-01-20T11:39:58+00:00",
"revision_history": [
{
"date": "2022-01-20T11:39:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T11:39:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T21:31:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Data Grid 8.2.3",
"product": {
"name": "Red Hat Data Grid 8.2.3",
"product_id": "Red Hat Data Grid 8.2.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_data_grid:8.2"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Data Grid"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.2.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T11:39:58+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.2.3 server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.2.3 server patch. Refer to the 8.2.3 Release Notes[\u00b3] for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid 8.2.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0205"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat Data Grid 8.2.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.2.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.2.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T11:39:58+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.2.3 server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.2.3 server patch. Refer to the 8.2.3 Release Notes[\u00b3] for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid 8.2.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0205"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat Data Grid 8.2.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.2.3"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.2.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T11:39:58+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.2.3 server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.2.3 server patch. Refer to the 8.2.3 Release Notes[\u00b3] for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid 8.2.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0205"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Red Hat Data Grid 8.2.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.2.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022:0493
Vulnerability from csaf_redhat - Published: 2022-02-16 11:29 - Updated: 2025-11-21 18:28Summary
Red Hat Security Advisory: OpenShift Container Platform 4.7.43 security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.7.43 is now available with
updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.43. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2022:0492
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.7.43 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.7.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.43. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2022:0492\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0493",
"url": "https://access.redhat.com/errata/RHSA-2022:0493"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0493.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.7.43 security update",
"tracking": {
"current_release_date": "2025-11-21T18:28:39+00:00",
"generator": {
"date": "2025-11-21T18:28:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0493",
"initial_release_date": "2022-02-16T11:29:57+00:00",
"revision_history": [
{
"date": "2022-02-16T11:29:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-16T11:29:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:28:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.7",
"product": {
"name": "Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.7::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x",
"product": {
"name": "openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x",
"product_id": "openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.7.0-202201261123.p0.g7295089.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.7.0-202201261123.p0.g1acc3dd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.7.0-202201261123.p0.ga500af3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.7.0-202201261123.p0.g3a0d90c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.7.0-202201261123.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x",
"product_id": "openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.7.0-202201261123.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.7.0-202201261123.p0.ga054523.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x",
"product_id": "openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.7.0-202201261123.p0.g5b1bc4f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x",
"product_id": "openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x",
"product_id": "openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.7.0-202201261123.p0.g32653a9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x",
"product": {
"name": "openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x",
"product_id": "openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x",
"product": {
"name": "openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x",
"product_id": "openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x",
"product": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x",
"product_id": "openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-operator-sdk-rhel8\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.7.0-202201261123.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x",
"product": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x",
"product_id": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8\u0026tag=v4.7.0-202201261123.p0.g1987544.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.7.0-202201261123.p0.g3787d15.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g3787d15.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.7.0-202201261123.p0.gd12134c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g2945596.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x",
"product_id": "openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.7.0-202202020525.p0.g1383028.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x",
"product": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x",
"product_id": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/kubernetes-nmstate-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g1987544.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x",
"product": {
"name": "openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x",
"product_id": "openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.7.0-202201261123.p0.g6602684.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x",
"product": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x",
"product_id": "openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-mustgather-rhel8\u0026tag=v4.7.0-202201261537.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.7.0-202201261123.p0.gdccc202.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x",
"product": {
"name": "openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x",
"product_id": "openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.7.0-202202011649.p0.g70c7f85.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x",
"product_id": "openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.7.0-202201261123.p0.g0853bcd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.7.0-202201261123.p0.g8b2e494.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g49937fc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x",
"product": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x",
"product_id": "openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ptp-must-gather-rhel8\u0026tag=v4.7.0-202201261123.p0.g0853bcd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x",
"product_id": "openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.7.0-202201261123.p0.g2ad0912.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.7.0-202201261123.p0.g552c314.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.7.0-202201261123.p0.g6d9de39.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x",
"product_id": "openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64",
"product": {
"name": "openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64",
"product_id": "openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.7.0-202201261123.p0.g7295089.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.7.0-202201261123.p0.g1acc3dd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.7.0-202201261123.p0.ga500af3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64",
"product": {
"name": "openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64",
"product_id": "openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ghostunnel\u0026tag=v4.7.0-202201261123.p0.g7907399.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64",
"product": {
"name": "openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64",
"product_id": "openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hadoop\u0026tag=v4.7.0-202201271626.p0.g6046504.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"product": {
"name": "openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"product_id": "openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hive\u0026tag=v4.7.0-202201271626.p0.g12e974d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.7.0-202201261123.p0.g3a0d90c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.7.0-202201261123.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64",
"product_id": "openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.7.0-202201261123.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.7.0-202201261123.p0.ga054523.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64",
"product_id": "openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.7.0-202201261123.p0.g5b1bc4f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64",
"product_id": "openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64",
"product_id": "openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.7.0-202201261123.p0.g32653a9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64",
"product": {
"name": "openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64",
"product_id": "openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64",
"product": {
"name": "openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64",
"product_id": "openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64",
"product": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64",
"product_id": "openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-operator-sdk-rhel8\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.7.0-202201261123.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64",
"product": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64",
"product_id": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8\u0026tag=v4.7.0-202201261123.p0.g1987544.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.7.0-202201261123.p0.g3787d15.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g3787d15.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.7.0-202201261123.p0.gd12134c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g2945596.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64",
"product_id": "openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.7.0-202202020525.p0.g1383028.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64",
"product": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64",
"product_id": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/kubernetes-nmstate-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g1987544.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64",
"product": {
"name": "openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64",
"product_id": "openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.7.0-202201261123.p0.g6602684.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64",
"product": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64",
"product_id": "openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-mustgather-rhel8\u0026tag=v4.7.0-202201261537.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64",
"product": {
"name": "openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64",
"product_id": "openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator\u0026tag=v4.7.0-202201271626.p0.g3959be4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.7.0-202201261123.p0.gdccc202.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64",
"product": {
"name": "openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64",
"product_id": "openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-reporting-operator\u0026tag=v4.7.0-202201261123.p0.g3959be4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64",
"product": {
"name": "openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64",
"product_id": "openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.7.0-202202011649.p0.g70c7f85.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64",
"product_id": "openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.7.0-202201261123.p0.g0853bcd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.7.0-202201261123.p0.g8b2e494.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g49937fc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64",
"product": {
"name": "openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64",
"product_id": "openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-presto\u0026tag=v4.7.0-202201271626.p0.g2155d34.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64",
"product": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64",
"product_id": "openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ptp-must-gather-rhel8\u0026tag=v4.7.0-202201261123.p0.g0853bcd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64",
"product_id": "openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.7.0-202201261123.p0.g2ad0912.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.7.0-202201261123.p0.g552c314.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.7.0-202201261123.p0.g6d9de39.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64",
"product_id": "openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le",
"product": {
"name": "openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le",
"product_id": "openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.7.0-202201261123.p0.g7295089.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.7.0-202201261123.p0.g1acc3dd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.7.0-202201261123.p0.ga500af3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.7.0-202201261123.p0.g3a0d90c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.7.0-202201261123.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le",
"product_id": "openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.7.0-202201261123.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.7.0-202201261123.p0.ga054523.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le",
"product_id": "openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.7.0-202201261123.p0.g5b1bc4f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le",
"product_id": "openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le",
"product_id": "openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.7.0-202201261123.p0.g32653a9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le",
"product": {
"name": "openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le",
"product_id": "openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le",
"product": {
"name": "openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le",
"product_id": "openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le",
"product": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le",
"product_id": "openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-operator-sdk-rhel8\u0026tag=v4.7.0-202201261123.p0.g2cd576d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.7.0-202201261123.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le",
"product": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le",
"product_id": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8\u0026tag=v4.7.0-202201261123.p0.g1987544.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.7.0-202201261123.p0.g3787d15.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g3787d15.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.7.0-202201261123.p0.gd12134c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g2945596.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le",
"product_id": "openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.7.0-202201261123.p0.g0e45f63.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.7.0-202202020525.p0.g1383028.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le",
"product": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le",
"product_id": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/kubernetes-nmstate-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g1987544.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le",
"product": {
"name": "openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le",
"product_id": "openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.7.0-202201261123.p0.g6602684.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le",
"product_id": "openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-mustgather-rhel8\u0026tag=v4.7.0-202201261537.p0.g56eb729.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.7.0-202201261123.p0.gdccc202.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le",
"product": {
"name": "openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le",
"product_id": "openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.7.0-202202011649.p0.g70c7f85.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le",
"product_id": "openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.7.0-202201261123.p0.g0853bcd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.7.0-202201261123.p0.g8b2e494.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.7.0-202201261123.p0.g49937fc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le",
"product": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le",
"product_id": "openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ptp-must-gather-rhel8\u0026tag=v4.7.0-202201261123.p0.g0853bcd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le",
"product_id": "openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.7.0-202201261123.p0.g2ad0912.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.7.0-202201261123.p0.g552c314.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.7.0-202201261123.p0.g6d9de39.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le",
"product_id": "openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.7.0-202201261123.p0.gf6c2ccd.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64"
},
"product_reference": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x"
},
"product_reference": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le"
},
"product_reference": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64"
},
"product_reference": "openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x"
},
"product_reference": "openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le"
},
"product_reference": "openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x"
},
"product_reference": "openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le"
},
"product_reference": "openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64"
},
"product_reference": "openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x"
},
"product_reference": "openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64"
},
"product_reference": "openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le"
},
"product_reference": "openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64"
},
"product_reference": "openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64"
},
"product_reference": "openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x"
},
"product_reference": "openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le"
},
"product_reference": "openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x"
},
"product_reference": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le"
},
"product_reference": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64"
},
"product_reference": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64"
},
"product_reference": "openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x"
},
"product_reference": "openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64"
},
"product_reference": "openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64"
},
"product_reference": "openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64"
},
"product_reference": "openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64"
},
"product_reference": "openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64"
},
"product_reference": "openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le"
},
"product_reference": "openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64"
},
"product_reference": "openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x"
},
"product_reference": "openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le"
},
"product_reference": "openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64"
},
"product_reference": "openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x"
},
"product_reference": "openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x"
},
"product_reference": "openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64"
},
"product_reference": "openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le"
},
"product_reference": "openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64",
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x",
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x",
"8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64",
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x",
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x",
"8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-16T11:29:57+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0493"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64",
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x",
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x",
"8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:22aa9ccb0b12f4bdc935a7b3cc228a8d1a1f6d890da2e52d5df1889bc405f438_amd64",
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:a03a81188cbb41a6b947e213054834503ff0b138790657e7bcfb89ac76db7e2f_s390x",
"8Base-RHOSE-4.7:openshift4/kubernetes-nmstate-rhel8-operator@sha256:d9d6d79fb09b6bcf8b9cd9aa4db5660f00861c1be51a0739d1814a6d6b555269_ppc64le",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:c2dff29f5402be6ab1ed05f970df2095885bb0c6ce301999d1978ab2f6bd10dc_amd64",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:d5c128fb34258594b23210743a46f22ec0efd9178011d749c6e93365fa482470_s390x",
"8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:fcf96da33bcea8e56d9d3edf5da10b2acbf77445c60d4f4d9a220b5c5ff564da_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:1c211dc19b7c4d691af7b3b0462082a6a9adab75482e695b0d3bff57c56a27e8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4624acfc582f366d2b871b528037535a6ef8800409fd2060e7e170912ea3e366_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:61e72a2b6727e2a7b18e433254dade6c341a658c8e5db1c7db76e63201cba68d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:6eb914575b695cda5e32e67bbc0d94d7a9528d0d84d6e830ab9a652c55d8324b_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:755b11a5f0283bd40aca158cba01dc52acc86a0f89c2286f35be1ce1526822c5_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-capacity@sha256:dc6a4807b1a79fae9510fbd85adbfa24ef6390414255688ab5e081a78209cfd1_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:c1d2a7d34d240089b8122cbee1acabd687e1175f19f725c4dade1d73bd5b5c25_s390x",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:d24fb0b4f5c74f0af84fc77322f44ada95d171ced1bebbcf815c046a56d7a7ba_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:ee09043cbe40994c13a502aa1c0b1d8f5f845c5662e20660afef223f578b1172_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:1a482262a43445c6e56a8ed1c68f50a23241038e7bed6fb5b1ac860093ffd711_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:97621545cd74e2810fbc88883c52635e957ab7bb985545660b4848790de078e4_amd64",
"8Base-RHOSE-4.7:openshift4/ose-cluster-nfd-operator@sha256:e9a8c656f1eed7c0e45cd42b7107bdd9c36d0877749ea707caea2834e2ff7853_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:02722e2b4b20f5ce75f49283b93577642ac94d21fb3c7bc3f2345dc1cae006c4_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:25e98ea642c5b444e0779f12c86d12ad1eb536e758f82411a836273aaec103a6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:4af4402195c6da600602a0870a9ca8f2913637ab9b4adaca731ce1f514bfb71d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:911cdf7fda86a0eb3b675127d13002bcd67793599f265dfcf40747974aa2b428_amd64",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:b297025d05f3b5898e97bcd4c79151338605848a32028e4bf2a8e20d46a9a0e6_s390x",
"8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8@sha256:fa7304d3cb390015ff664a2b2301591fb83216a0db95ac325289134f6cb001ff_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2ba655f44e0e59c914c40274fb956f1d1f13aff731bafa8553342fae507069ee_s390x",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:2fab7094181d5d9fd26137131018543e248d6db6b3564f29fa9dcf971384d600_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-descheduler@sha256:3a04d4a7f569a1f029ee9e4720f8eabd96bdf1ab848bf0a996b7f449181919d6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:2b193ab81fa02031e79917fd5c938a0e4ad529c74bdb3ed067140ac66584de75_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:423ebfcd7b5ee5866d9a48748d6ff6cf86ad513debc426ca2f837dad077e6ba9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-egress-dns-proxy@sha256:bcf54c517a897f4db420359d9358df078507a8af7270e3354fba68afc74097bf_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:11fdd61a55cc06e6b4d1a8aefdf762bf2db21e351962285e26f2ab3d95a8460e_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:76fba817c4e8556e58494c54fba0186ac7f607f871355816c3a8051cf0b98143_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-egress-http-proxy@sha256:f6ff58f2d35b430ef267ba99264dd27a985b97863f1fe2c77a97f30493a901ac_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:342350d595c18a630c6f6bb100e8e2eaa397008d3467757431e81a54cab0fe87_s390x",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:8a4af7c5b461ebe67f0773dcafbcd68fa1e80488d8588747530fc1e7cbe49052_amd64",
"8Base-RHOSE-4.7:openshift4/ose-egress-router@sha256:9741b74b0deb3ef44186a0d98a58db45995b2bd404db445621d27d74c02e971f_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ghostunnel@sha256:571ced638d5cb907342143c6a515e482c428f3f3729f247ac7d86cf7acebe64d_amd64",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:1604de3c8644d2fda88838dd2490efac87f5c9b4447177c4f11327ccf08ddc87_amd64",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:31c0209cce395067e11a47c6ccad47d2b61fdc9cbfb9a678957cc89e51166d12_s390x",
"8Base-RHOSE-4.7:openshift4/ose-helm-operator@sha256:edf4456768f7777ac29ace329c391fdd6a6b214c8e747863ca009b13f4d0e4b9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:2e9e8c76769c6008cf50790781c2b2501304ed8badf62fb1d7ff3d3b03ce5266_amd64",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:7b1da7f58a151e9a92ce088264eded20ddd5e99c6ed91811ab875c8584a32d42_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ee09644f92a405a9d847d4f183b30208987c9afb61c15dea10175ac0b08bf5a6_s390x",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:33118718e753a7e63c7427e3b2bfec0bb7bf440d9ee5a0b3bff3b13a08023731_s390x",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:dca4deaed3dd64e477cb506978fedf04605565b721917b86574ecfe0fe192bf0_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:f222c80234892103ad4bafc8b93f931cb84aff4589737041c390e9ff0c544834_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:14f5cc593403a32b0d3aea18b4c916b92d73bd29a784de330f2055fc549144a8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:72a04abe499e3821465b46b97095c1fb9a085ea65893996ff88429540f9bca62_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-diskmaker@sha256:eb94c3891e7b187019e21e01a0c0c51c356de2e52d328cb7cd201ccaf084649a_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:44e10acf9603002364f4a6a85863946f8381297a50b0181514420511ebea80c8_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:a172fc08b88d93cfacedd5c7a70a187dcbc4709413e200f26498558ec1d0b93a_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-mustgather-rhel8@sha256:dd567cbaa78320859d956551673d37d21ebff9ef231908ccdd402ff85a82a106_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:1de35e9908b4037e251d5940d6d7832add15438babbd787a8799b97d077bdb51_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:7ad09f547291f527313ef62a42f32cd1e28d922abbf4d3faf1a62316fc138835_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-operator@sha256:c0c355248008651fc862cfef2300b4a4e31de396ef3c356d576b78ae8d086606_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:1b9840fca41b1a98bccf81f13d1cf97599098417d44464e516cea6b26c8d96ad_s390x",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a51abc91479ae86fb2767c3bf333cd0a4a4a0b04c77cc0e134d60583d81b251f_amd64",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner@sha256:a69a74c4d1851ce45b09dbed28ebf0ea623aa882fb2f90de8fb3e167c2e6ec95_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:6adbba804c49204290251bf308f23377ba59ca878cc347450c8251cd8f9c6fec_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-hadoop@sha256:16df368c03c18909eeba85f81ef3427a0df32364a91faf88669cc69c5cee54db_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:8ef0d8b296fd6cf92b335759b0ae69e2d27b0febcfd7b8039a2a285d6872af24_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:bc0841525bba0fea0a26b23b22cb41401284b9a458aa6fe9e112eab641b092b0_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-helm-container-rhel8@sha256:d412d15d2538f1c8cda65219aa518627c14c7d1124246b96c71ee9b806fc6509_s390x",
"8Base-RHOSE-4.7:openshift4/ose-metering-hive@sha256:c41e848a2663da5fc9820eadb880cb2ab456c104977b35fe67b8c34993d79edc_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-presto@sha256:894b27ab5d6b96679083bcc1fa1af97cce3211dab3c4c2801b97155a90f8e022_amd64",
"8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:a8f402ad94c4b46a3cd073d82f98c10e449a7d167ad4ed279ba8339e4c7fa411_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:8131f6aa3f829be60efa523e46a207f0d0d54801655d27ddea615e2a0d965e67_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:a1ea240b21b03823fcce770b5f1268e5ba864a95449ab58fb1b1cce320ef31af_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-feature-discovery@sha256:b60199d0dbf4727ac8ae61fec173120db88b061ea102f9f814b77da3fdf0cb8d_s390x",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:177cd65fe97f3a2c2c3951471e53f26e00d662e7f948b36b50bf90dee48fa5f2_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:7a6eb4ee386df0f8f8a1d34c84efe6c895c9f24e3f0e0845016bb845b11f03d3_amd64",
"8Base-RHOSE-4.7:openshift4/ose-node-problem-detector-rhel8@sha256:9819ce4cec57a67c73ef7c806328079eeb697657d22b0205de48f887883d4263_s390x",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:048df6fb0114e1337a8187779b9cb02de9f0afefe150a9606f33e50dcdf450f0_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:a4222e6b92e1ede8ea7504723860c0555ba7702db0813024a36936916ac84658_amd64",
"8Base-RHOSE-4.7:openshift4/ose-operator-sdk-rhel8@sha256:b82b5e624823731165f46003fd321a21be8978b048dbcb7c894a8b0f4a4689db_s390x",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:26e7b07274177e86ef6ec8a96188e7957e4f68f73a1420e196702922094417ae_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:3c4cca09987bb6030b6519394465469b7180c2a042854d38044f5cc3f7d2b30b_s390x",
"8Base-RHOSE-4.7:openshift4/ose-ptp-operator@sha256:fecc5f0d5387857fe8bbc0be5de85038fa81fff05d68b8c9a7f17d69b9744a90_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:7b80bfd84618e2ca174c68cac564a89a29d85b2882ed0232e83fb2b94e01045b_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:84bc727ebee42779a3ae701eb5b1a8c39d9643efea3b072088f2ecc28574c9e6_amd64",
"8Base-RHOSE-4.7:openshift4/ose-ptp@sha256:8a59f23dd45f1b7f8149711cd2f4420795c3e29a800c9bcfe53413cd519e3d84_s390x",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:41bba8ae933de9d4b23cddc011d71365e4cdabdc9ffcb0de585990e5fbb62cd8_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:452674002f3d1b77096b76c8d682a09112ff7a5201ce3b4ab8c7893c66325c06_amd64",
"8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:867ac586b25cc3587dde454f2419127dbcf610e85b07daa6bcb0f9a18e77c828_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:51b4b6163d3a296d598330e2119c7f12c41c15a3ea81b15c59774ab71a4052ea_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:81a5d568bcc8c8f6eb387df1d437b6d0500b891c3caeb84b27858034f3de603c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-cni@sha256:82e46f02c6f0c88139dc1e20a1b61510d3ee2d42ed65118669def44a83735595_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:1645377753534108e3efeb01f6140a26ec53137041ff02a1284352c3e273fd0c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:85d3feec1f6c23752bcf1e20de47cd83dc4171295c922b2962cca31f52fdcc99_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:e9d74ba6c5c8e863288bc2543e57ac1119c4e47ee9a4f355dfc99b24fc831f82_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:25b8e51cedf57a5cd5d84685711e4f46c06b9d3f521bac76b00fbe2fc35310b9_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:44186335cae56b10b649766841da6ec9cf87105289e64fab69a274e3bee2e822_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dc869987220178fda24dd3f7fbe66a910e353519bcda4484ecf91f34e018cadc_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:1f79da5009c02e53f313b417025d3ffc7e5c54e6428013c5d8c240d95295018b_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:282eb59274ebf8c9b1d4df18957fe016a1276851504febfa7d0a82b3ff123b46_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-config-daemon@sha256:726e97cc553dec762030d19e37ceace8398bb6ea2bea5d2853fab9d21a830b87_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:27bc5f7d3785dc55ae6b56a1abdd724f1b071f18070d8fd1be93710425f63fee_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:31a390e00f9a2f992508f586e6fce8c0ce046760b553ea007feee1d80c221dee_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-device-plugin@sha256:697a084e5a30a0c6ca7e77ce5c77ada9deb5f109decc0f164a9378b40134ed82_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74535f528ddf08eace2d38a42cdbdc2cc34f2e918b1ea1137aba44150404f034_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:74f269f0228b727f77e87c39fd5eeb02345fb44eeef235e3b30decb8142a6cf5_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:a601452298527b60417ce4bc1cd70578fe3e6c08e5b7206a44135e87dae22fee_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:6eb41f6dcfbdfbefcd12827661e676155758ea3c29f5df868c4bd27b2f323cb3_s390x",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:c600df4806eabd40e14611aba4ca4d71f5b72aff2de914736999a67115b14f51_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-network-webhook@sha256:e8766c5b017e1d13b5da871db07511834fefa46e5fafe3d98ad128d5d9adbdaa_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:7cc7dc4a8aa0785fcb60e17b2aa51629f4bbdf3584b6f87250417ad57d2424ea_amd64",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:852ec914338080ae0b0a0d80cc1f8776c69904f7aa481073124f7e30f66ea701_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-sriov-operator-must-gather@sha256:a270a26fe3257c4ab4020975e8ceb88ed223457497fd7bc11849ce96a0075c1c_s390x",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:29b1accb1927eed49cc610fde0d6510c4e4c50e691a09e6d756ae01fa09e0931_s390x",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:60bfdb1ee8a9c42dd8b63a60411136ac85ab728b99e92e79c9035dc95eab88cb_amd64",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7cda510767be34b8ac3b808aace4ab2d61107042daa98f620993a667852b9a1c_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0694a70fe7b9d8dda2efc2776c045b5bfcf5a7592515d93d2c8c8eb4ac3e4be8_ppc64le",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4e8d3b120530fe8d18d06aaca7792ef537fc92c2db6afaf7c3069dd55f844da9_amd64",
"8Base-RHOSE-4.7:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5d67547980eca90abba55217671e141a5211b188fde220a7738d00c492719a90_s390x",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:6a109b85e3bf018b10fa79b0fdbfc60342ceef50f3b481b52f775fc64e9ca749_s390x",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:a513ce618ce42f1cd4b3b3eb4d075cc229f6b2f829c355be8de29c1910d6138d_amd64",
"8Base-RHOSE-4.7:openshift4/ptp-must-gather-rhel8@sha256:b59208db40a37fd3111a6d41e9588a157b4188d3e303fec225d6e7ae2b94b724_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022_0223
Vulnerability from csaf_redhat - Published: 2022-01-20 18:55 - Updated: 2024-11-24 21:30Summary
Red Hat Security Advisory: Red Hat Integration Camel-K 1.6.3 release and security update
Notes
Topic
A minor version update (from 1.6.2 to 1.6.3) is now available for Red Hat Integration Camel K that includes bug fixes. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
A minor version update (from 1.6.2 to 1.6.3) is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A minor version update (from 1.6.2 to 1.6.3) is now available for Red Hat Integration Camel K that includes bug fixes. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A minor version update (from 1.6.2 to 1.6.3) is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0223",
"url": "https://access.redhat.com/errata/RHSA-2022:0223"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2022-Q1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2022-Q1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_integration/2022.q1",
"url": "https://access.redhat.com/documentation/en-us/red_hat_integration/2022.q1"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0223.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Integration Camel-K 1.6.3 release and security update",
"tracking": {
"current_release_date": "2024-11-24T21:30:19+00:00",
"generator": {
"date": "2024-11-24T21:30:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0223",
"initial_release_date": "2022-01-20T18:55:14+00:00",
"revision_history": [
{
"date": "2022-01-20T18:55:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T18:55:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T21:30:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Integration Camel-K 1.6.3",
"product": {
"name": "Red Hat Integration Camel-K 1.6.3",
"product_id": "Red Hat Integration Camel-K 1.6.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:integration:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel-K 1.6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:55:14+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0223"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel-K 1.6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:55:14+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0223"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel-K 1.6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:55:14+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0223"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022_0181
Vulnerability from csaf_redhat - Published: 2022-01-27 08:24 - Updated: 2024-11-25 10:49Summary
Red Hat Security Advisory: OpenShift Container Platform 4.6.54 extras and security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.6.54 is now available with updates to packages and images that fix several bugs.
This release includes a security update for Red Hat OpenShift Container Platform 4.6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.54. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHBA-2022:0180
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.6.54 is now available with updates to packages and images that fix several bugs.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.54. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHBA-2022:0180\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0181",
"url": "https://access.redhat.com/errata/RHSA-2022:0181"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1985826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985826"
},
{
"category": "external",
"summary": "2034412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034412"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0181.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.6.54 extras and security update",
"tracking": {
"current_release_date": "2024-11-25T10:49:02+00:00",
"generator": {
"date": "2024-11-25T10:49:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0181",
"initial_release_date": "2022-01-27T08:24:22+00:00",
"revision_history": [
{
"date": "2022-01-27T08:24:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-27T08:24:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-25T10:49:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.6",
"product": {
"name": "Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"product": {
"name": "openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"product_id": "openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202201111633.p0.g4c0ed6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.6.0-202201111633.p0.gb392f6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"product": {
"name": "openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"product_id": "openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-logging-operator\u0026tag=v4.6.0-202201181437.p0.g7f7eccc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.6.0-202201111633.p0.g791e21e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"product": {
"name": "openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"product_id": "openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202201181437.p0.gd421c69.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.6.0-202201111633.p0.g8082d6e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"product_id": "openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202201111633.p0.g9ee7458.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"product": {
"name": "openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"product_id": "openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-curator5\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"product": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"product_id": "openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"product": {
"name": "openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"product_id": "openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-eventrouter\u0026tag=v4.6.0-202201111633.p0.g131cfe6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"product": {
"name": "openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"product_id": "openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-fluentd\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"product": {
"name": "openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"product_id": "openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"product_id": "openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.6.0-202201111633.p0.ge75e467.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"product_id": "openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202201111855.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"product_id": "openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202201111633.p0.g44065a4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.6.0-202201120855.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"product": {
"name": "openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"product_id": "openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"product": {
"name": "openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"product_id": "openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.6.0-202201111633.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.6.0-202201111633.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.6.0-202201111633.p0.gfabfa8b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.6.0-202201111633.p0.g9c75ad0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"product_id": "openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"product": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"product_id": "openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-proxy\u0026tag=v4.6.0-202201111633.p0.g12d80b2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.6.0-202201111855.p0.g3c3794f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"product": {
"name": "openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"product_id": "openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202201111633.p0.g8f5a67a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.6.0-202201111633.p0.gcc06fc6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"product_id": "openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202201111855.p0.g97081b3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.6.0-202201111855.p0.ga19224c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gddfb5bf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"product_id": "openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.6.0-202201111633.p0.gd209fd9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202201111633.p0.g907f1f6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202201111633.p0.g62be5ad.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"product_id": "openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"product": {
"name": "openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"product_id": "openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202201111633.p0.g4c0ed6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.6.0-202201111633.p0.gb392f6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"product": {
"name": "openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"product_id": "openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-logging-operator\u0026tag=v4.6.0-202201181437.p0.g7f7eccc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.6.0-202201111633.p0.g791e21e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"product": {
"name": "openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"product_id": "openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202201181437.p0.gd421c69.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"product": {
"name": "openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"product_id": "openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ghostunnel\u0026tag=v4.6.0-202201111633.p0.gd5ea7b7.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"product": {
"name": "openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"product_id": "openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hadoop\u0026tag=v4.6.0-202201111633.p0.gf381145.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"product": {
"name": "openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"product_id": "openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hive\u0026tag=v4.6.0-202201111633.p0.gf139e12.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.6.0-202201111633.p0.g8082d6e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"product_id": "openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202201111633.p0.g9ee7458.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"product": {
"name": "openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"product_id": "openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-curator5\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"product": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"product_id": "openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"product": {
"name": "openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"product_id": "openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-eventrouter\u0026tag=v4.6.0-202201111633.p0.g131cfe6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"product": {
"name": "openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"product_id": "openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-fluentd\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"product": {
"name": "openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"product_id": "openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"product_id": "openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.6.0-202201111633.p0.ge75e467.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"product_id": "openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202201111855.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"product_id": "openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202201111633.p0.g44065a4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.6.0-202201120855.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"product": {
"name": "openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"product_id": "openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"product": {
"name": "openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"product_id": "openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.6.0-202201111633.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.6.0-202201111633.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.6.0-202201111633.p0.gfabfa8b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.6.0-202201111633.p0.g9c75ad0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"product_id": "openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"product": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"product_id": "openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-proxy\u0026tag=v4.6.0-202201111633.p0.g12d80b2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.6.0-202201111855.p0.g3c3794f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"product": {
"name": "openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"product_id": "openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202201111633.p0.g8f5a67a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"product": {
"name": "openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"product_id": "openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator\u0026tag=v4.6.0-202201111855.p0.gd74112d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.6.0-202201111633.p0.gcc06fc6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"product": {
"name": "openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"product_id": "openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-reporting-operator\u0026tag=v4.6.0-202201111633.p0.gd74112d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"product_id": "openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202201111855.p0.g97081b3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.6.0-202201111855.p0.ga19224c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gddfb5bf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"product": {
"name": "openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"product_id": "openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-presto\u0026tag=v4.6.0-202201111633.p0.g190688a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"product_id": "openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.6.0-202201111633.p0.gd209fd9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202201111633.p0.g907f1f6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202201111633.p0.g62be5ad.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"product_id": "openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"product": {
"name": "openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"product_id": "openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202201111633.p0.g4c0ed6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.6.0-202201111633.p0.gb392f6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"product": {
"name": "openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"product_id": "openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-logging-operator\u0026tag=v4.6.0-202201181437.p0.g7f7eccc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.6.0-202201111633.p0.g791e21e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"product": {
"name": "openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"product_id": "openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202201181437.p0.gd421c69.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.6.0-202201111633.p0.g8082d6e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"product_id": "openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202201111633.p0.g9ee7458.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"product": {
"name": "openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"product_id": "openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-curator5\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"product": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"product_id": "openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"product": {
"name": "openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"product_id": "openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-eventrouter\u0026tag=v4.6.0-202201111633.p0.g131cfe6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"product": {
"name": "openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"product_id": "openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-fluentd\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"product": {
"name": "openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"product_id": "openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"product_id": "openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.6.0-202201111633.p0.ge75e467.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"product_id": "openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202201111855.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"product_id": "openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202201111633.p0.g44065a4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.6.0-202201120855.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"product": {
"name": "openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"product_id": "openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"product": {
"name": "openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"product_id": "openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.6.0-202201111633.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.6.0-202201111633.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.6.0-202201111633.p0.gfabfa8b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.6.0-202201111633.p0.g9c75ad0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"product_id": "openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"product": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"product_id": "openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-proxy\u0026tag=v4.6.0-202201111633.p0.g12d80b2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.6.0-202201111855.p0.g3c3794f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"product": {
"name": "openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"product_id": "openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202201111633.p0.g8f5a67a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.6.0-202201111633.p0.gcc06fc6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"product_id": "openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202201111855.p0.g97081b3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.6.0-202201111855.p0.ga19224c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gddfb5bf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"product_id": "openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.6.0-202201111633.p0.gd209fd9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202201111633.p0.g907f1f6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202201111633.p0.g62be5ad.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"product_id": "openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64"
},
"product_reference": "openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le"
},
"product_reference": "openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x"
},
"product_reference": "openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64"
},
"product_reference": "openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x"
},
"product_reference": "openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le"
},
"product_reference": "openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x"
},
"product_reference": "openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64"
},
"product_reference": "openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le"
},
"product_reference": "openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x"
},
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64"
},
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le"
},
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x"
},
"product_reference": "openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64"
},
"product_reference": "openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le"
},
"product_reference": "openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64"
},
"product_reference": "openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64"
},
"product_reference": "openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x"
},
"product_reference": "openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le"
},
"product_reference": "openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x"
},
"product_reference": "openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64"
},
"product_reference": "openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le"
},
"product_reference": "openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64"
},
"product_reference": "openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x"
},
"product_reference": "openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le"
},
"product_reference": "openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le"
},
"product_reference": "openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x"
},
"product_reference": "openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64"
},
"product_reference": "openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x"
},
"product_reference": "openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le"
},
"product_reference": "openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64"
},
"product_reference": "openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x"
},
"product_reference": "openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64"
},
"product_reference": "openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le"
},
"product_reference": "openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64"
},
"product_reference": "openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64"
},
"product_reference": "openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64"
},
"product_reference": "openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64"
},
"product_reference": "openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64"
},
"product_reference": "openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le"
},
"product_reference": "openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x"
},
"product_reference": "openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64"
},
"product_reference": "openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-27T08:24:22+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0181"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022_0138
Vulnerability from csaf_redhat - Published: 2022-01-13 15:25 - Updated: 2024-12-01 12:43Summary
Red Hat Security Advisory: Red Hat AMQ Streams 2.0.0 release and security update
Notes
Topic
Red Hat AMQ Streams 2.0.0 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency.
This release of Red Hat AMQ Streams 2.0.0 serves as a replacement for Red Hat AMQ Streams 1.8.4, and includes security and bug fixes, and enhancements.
Security Fix(es):
* jetty: crafted URIs allow bypassing security constraints (CVE-2021-34429)
* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)
* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)
* Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AMQ Streams 2.0.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 2.0.0 serves as a replacement for Red Hat AMQ Streams 1.8.4, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* jetty: crafted URIs allow bypassing security constraints (CVE-2021-34429)\n\n* netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0138",
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=2.0.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=2.0.0"
},
{
"category": "external",
"summary": "1985223",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985223"
},
{
"category": "external",
"summary": "2004133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
},
{
"category": "external",
"summary": "2004135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
},
{
"category": "external",
"summary": "2009041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009041"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0138.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AMQ Streams 2.0.0 release and security update",
"tracking": {
"current_release_date": "2024-12-01T12:43:15+00:00",
"generator": {
"date": "2024-12-01T12:43:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0138",
"initial_release_date": "2022-01-13T15:25:07+00:00",
"revision_history": [
{
"date": "2022-01-13T15:25:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-13T15:25:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-01T12:43:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AMQ Streams 2.0.0",
"product": {
"name": "Red Hat AMQ Streams 2.0.0",
"product_id": "Red Hat AMQ Streams 2.0.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:2"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss AMQ"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-34429",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1985223"
}
],
"notes": [
{
"category": "description",
"text": "For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 \u0026 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: crafted URIs allow bypassing security constraints",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OCP 3.11 is out of the support scope for Moderate and Low impact vulnerabilities because is already in the Maintenance Support phase, hence the affected OCP 3.11 component has been marked as \"ooss\".\n\nRed Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34429"
},
{
"category": "external",
"summary": "RHBZ#1985223",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985223"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34429"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34429",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34429"
}
],
"release_date": "2021-07-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty: crafted URIs allow bypassing security constraints"
},
{
"cve": "CVE-2021-37136",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004133"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of netty-codec package. Since the release of OCP 4.6, the Metering product has been deprecated [1], so the affected components are marked as wontfix. This may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37136"
},
{
"category": "external",
"summary": "RHBZ#2004133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
}
],
"release_date": "2021-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data"
},
{
"cve": "CVE-2021-37137",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004135"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netty\u0027s netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37137"
},
{
"category": "external",
"summary": "RHBZ#2004135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
}
],
"release_date": "2021-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way"
},
{
"cve": "CVE-2021-38153",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2021-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2009041"
}
],
"notes": [
{
"category": "description",
"text": "Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0.0 or higher where this vulnerability has been fixed. The affected versions include Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.6.0, 2.6.1, 2.6.2, 2.7.0, 2.7.1, and 2.8.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-38153"
},
{
"category": "external",
"summary": "RHBZ#2009041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38153"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-38153",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38153"
}
],
"release_date": "2021-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
}
]
}
RHSA-2022:0226
Vulnerability from csaf_redhat - Published: 2022-01-20 21:39 - Updated: 2025-11-21 18:28Summary
Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.1.7)
Notes
Topic
An update is now available for OpenShift Logging (5.1.7)
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
OpenShift Logging Bug Fix Release (5.1.7)
Security Fix(es):
* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for OpenShift Logging (5.1.7)\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Logging Bug Fix Release (5.1.7)\n\nSecurity Fix(es):\n\n* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0226",
"url": "https://access.redhat.com/errata/RHSA-2022:0226"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1940613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0226.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.1.7)",
"tracking": {
"current_release_date": "2025-11-21T18:28:02+00:00",
"generator": {
"date": "2025-11-21T18:28:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0226",
"initial_release_date": "2022-01-20T21:39:00+00:00",
"revision_history": [
{
"date": "2022-01-20T21:39:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T21:39:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:28:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Logging 5.1",
"product": {
"name": "OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.1.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.1.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-102"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-98"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-97"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-102"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-108"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.1.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.1.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-102"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-98"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-97"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-102"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-108"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.1.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.1.7-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.1.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.1.7-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-102"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-98"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-97"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-102"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-108"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-27292",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-03-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1940613"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `ua-parser-js`. If a supplied user agent matches the `Noble` string and contains many spaces then the regex will conduct backtracking, taking an ever increasing amount of time depending on the number of spaces supplied. An attacker can use this vulnerability to potentially craft a malicious user agent resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While some components do package a vulnerable version of ua-parser-js, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM) \n - Red Hat OpenShift Jaeger (RHOSJ)\n - Red Hat OpenShift Logging\n\nThe OCP presto-container does ship the vulnerable component, however since OCP 4.6 the Metering product has been deprecated [1], set as wont-fix and may be fixed in a future release.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships graphql-tools that pulls 0.7.23 version of ua-parser-js that uses the affected code.\n\n[1] - https://access.redhat.com/solutions/5707561",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-27292"
},
{
"category": "external",
"summary": "RHBZ#1940613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-27292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27292"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292"
},
{
"category": "external",
"summary": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76",
"url": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76"
}
],
"release_date": "2021-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T21:39:00+00:00",
"details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.1, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0226"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T21:39:00+00:00",
"details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.1, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0226"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022:0485
Vulnerability from csaf_redhat - Published: 2022-02-16 15:04 - Updated: 2025-11-21 18:28Summary
Red Hat Security Advisory: OpenShift Container Platform 4.8.31 security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.8.31 is now available with
updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.8.31. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHBA-2022:0484
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
All OpenShift Container Platform 4.8 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.8.31 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.8.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.8.31. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHBA-2022:0484\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nAll OpenShift Container Platform 4.8 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0485",
"url": "https://access.redhat.com/errata/RHSA-2022:0485"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0485.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.8.31 security update",
"tracking": {
"current_release_date": "2025-11-21T18:28:38+00:00",
"generator": {
"date": "2025-11-21T18:28:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0485",
"initial_release_date": "2022-02-16T15:04:02+00:00",
"revision_history": [
{
"date": "2022-02-16T15:04:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-16T15:04:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:28:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.8",
"product": {
"name": "Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le",
"product": {
"name": "openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le",
"product_id": "openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.8.0-202201261123.p0.g37691a4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.8.0-202201261123.p0.g8e44437.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.8.0-202201261123.p0.gb9eec62.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.8.0-202201261123.p0.g9edcb7c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.8.0-202202070834.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le",
"product_id": "openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.8.0-202202070834.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.8.0-202201261123.p0.ga829a11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le",
"product_id": "openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.8.0-202201261123.p0.ga531700.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le",
"product_id": "openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le",
"product_id": "openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.8.0-202201261123.p0.g44c178f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le",
"product": {
"name": "openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le",
"product_id": "openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le",
"product": {
"name": "openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le",
"product_id": "openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le",
"product": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le",
"product_id": "openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-operator-sdk-rhel8\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.8.0-202201261123.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le",
"product": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le",
"product_id": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8\u0026tag=v4.8.0-202201261123.p0.g458be7e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.8.0-202201261123.p0.g1af4c42.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.g1af4c42.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.8.0-202201261123.p0.g2a9f548.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.gfcdcef8.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le",
"product_id": "openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le",
"product": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le",
"product_id": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/kubernetes-nmstate-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.g458be7e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le",
"product": {
"name": "openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le",
"product_id": "openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.8.0-202201261123.p0.g2ae5850.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le",
"product_id": "openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-mustgather-rhel8\u0026tag=v4.8.0-202202071729.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.8.0-202201261123.p0.g8aaede2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le",
"product_id": "openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.8.0-202201261123.p0.gd71faa4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.8.0-202201261123.p0.g7bbde4c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.gef8ad45.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le",
"product": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le",
"product_id": "openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ptp-must-gather-rhel8\u0026tag=v4.8.0-202201261123.p0.gd71faa4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le",
"product_id": "openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.8.0-202201261123.p0.gcc1edca.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.8.0-202201261123.p0.gd34636e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.8.0-202201261123.p0.g83bc63d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le",
"product_id": "openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x",
"product": {
"name": "openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x",
"product_id": "openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.8.0-202201261123.p0.g37691a4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.8.0-202201261123.p0.g8e44437.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.8.0-202201261123.p0.gb9eec62.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.8.0-202201261123.p0.g9edcb7c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.8.0-202202070834.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x",
"product_id": "openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.8.0-202202070834.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.8.0-202201261123.p0.ga829a11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x",
"product_id": "openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.8.0-202201261123.p0.ga531700.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x",
"product_id": "openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x",
"product_id": "openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.8.0-202201261123.p0.g44c178f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x",
"product": {
"name": "openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x",
"product_id": "openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x",
"product": {
"name": "openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x",
"product_id": "openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x",
"product": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x",
"product_id": "openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-operator-sdk-rhel8\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.8.0-202201261123.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x",
"product": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x",
"product_id": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8\u0026tag=v4.8.0-202201261123.p0.g458be7e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.8.0-202201261123.p0.g1af4c42.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.g1af4c42.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.8.0-202201261123.p0.g2a9f548.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.gfcdcef8.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x",
"product_id": "openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x",
"product": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x",
"product_id": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/kubernetes-nmstate-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.g458be7e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x",
"product": {
"name": "openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x",
"product_id": "openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.8.0-202201261123.p0.g2ae5850.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x",
"product": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x",
"product_id": "openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-mustgather-rhel8\u0026tag=v4.8.0-202202071729.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.8.0-202201261123.p0.g8aaede2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x",
"product_id": "openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.8.0-202201261123.p0.gd71faa4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.8.0-202201261123.p0.g7bbde4c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.gef8ad45.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x",
"product": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x",
"product_id": "openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ptp-must-gather-rhel8\u0026tag=v4.8.0-202201261123.p0.gd71faa4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x",
"product_id": "openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.8.0-202201261123.p0.gcc1edca.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.8.0-202201261123.p0.gd34636e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.8.0-202201261123.p0.g83bc63d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x",
"product_id": "openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64",
"product": {
"name": "openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64",
"product_id": "openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.8.0-202201261123.p0.g37691a4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.8.0-202201261123.p0.g8e44437.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.8.0-202201261123.p0.gb9eec62.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64",
"product": {
"name": "openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64",
"product_id": "openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ghostunnel\u0026tag=v4.8.0-202201261123.p0.g3f61070.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64",
"product": {
"name": "openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64",
"product_id": "openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hadoop\u0026tag=v4.8.0-202201271626.p0.gebd9cb4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"product": {
"name": "openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"product_id": "openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hive\u0026tag=v4.8.0-202201271626.p0.g8fb24af.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.8.0-202201261123.p0.g9edcb7c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.8.0-202202070834.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64",
"product_id": "openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.8.0-202202070834.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.8.0-202201261123.p0.ga829a11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64",
"product_id": "openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.8.0-202201261123.p0.ga531700.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64",
"product_id": "openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64",
"product_id": "openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.8.0-202201261123.p0.g44c178f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64",
"product": {
"name": "openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64",
"product_id": "openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64",
"product": {
"name": "openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64",
"product_id": "openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64",
"product": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64",
"product_id": "openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-operator-sdk-rhel8\u0026tag=v4.8.0-202201261123.p0.gb35596f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.8.0-202201261123.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64",
"product": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64",
"product_id": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-kubernetes-nmstate-handler-rhel8\u0026tag=v4.8.0-202201261123.p0.g458be7e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.8.0-202201261123.p0.g1af4c42.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.g1af4c42.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.8.0-202201261123.p0.g2a9f548.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.gfcdcef8.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64",
"product_id": "openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.8.0-202201261123.p0.gad38e11.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64",
"product": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64",
"product_id": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/kubernetes-nmstate-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.g458be7e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64",
"product": {
"name": "openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64",
"product_id": "openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.8.0-202201261123.p0.g2ae5850.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64",
"product": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64",
"product_id": "openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-mustgather-rhel8\u0026tag=v4.8.0-202202071729.p0.g7887ed0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64",
"product": {
"name": "openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64",
"product_id": "openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator\u0026tag=v4.8.0-202202071729.p0.g0d7ecfb.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.8.0-202201261123.p0.g8aaede2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64",
"product": {
"name": "openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64",
"product_id": "openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-reporting-operator\u0026tag=v4.8.0-202201261123.p0.g0d7ecfb.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64",
"product_id": "openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.8.0-202201261123.p0.gd71faa4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.8.0-202201261123.p0.g7bbde4c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.8.0-202201261123.p0.gef8ad45.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64",
"product": {
"name": "openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64",
"product_id": "openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-presto\u0026tag=v4.8.0-202201271626.p0.gf1abc62.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64",
"product": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64",
"product_id": "openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ptp-must-gather-rhel8\u0026tag=v4.8.0-202201261123.p0.gd71faa4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64",
"product_id": "openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.8.0-202201261123.p0.gcc1edca.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.8.0-202201261123.p0.gd34636e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.8.0-202201261123.p0.g83bc63d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64",
"product_id": "openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.8.0-202201261123.p0.g6ad9128.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le"
},
"product_reference": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x"
},
"product_reference": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64"
},
"product_reference": "openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x"
},
"product_reference": "openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le"
},
"product_reference": "openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64"
},
"product_reference": "openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le"
},
"product_reference": "openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64"
},
"product_reference": "openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x"
},
"product_reference": "openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64"
},
"product_reference": "openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le"
},
"product_reference": "openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x"
},
"product_reference": "openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64"
},
"product_reference": "openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64"
},
"product_reference": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x"
},
"product_reference": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le"
},
"product_reference": "openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64"
},
"product_reference": "openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x"
},
"product_reference": "openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64"
},
"product_reference": "openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64"
},
"product_reference": "openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64"
},
"product_reference": "openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64"
},
"product_reference": "openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64"
},
"product_reference": "openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le"
},
"product_reference": "openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x"
},
"product_reference": "openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64"
},
"product_reference": "openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64"
},
"product_reference": "openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x"
},
"product_reference": "openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le"
},
"product_reference": "openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x"
},
"product_reference": "openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64 as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64"
},
"product_reference": "openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le as a component of Red Hat OpenShift Container Platform 4.8",
"product_id": "8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le"
},
"product_reference": "openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le",
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x",
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64"
],
"known_not_affected": [
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le",
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x",
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-16T15:04:02+00:00",
"details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0485"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le",
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x",
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:04af6b907f56fe1255345a4d5dd23908e6fe51b63da2d86812f0301f97b8abe8_ppc64le",
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:401efb6b2a736bc00475df75c05178f2b5a01a917e416b166ba77b084984bbb0_s390x",
"8Base-RHOSE-4.8:openshift4/kubernetes-nmstate-rhel8-operator@sha256:bf92e1a223de2fe51d8e702f7bcd924e83378b99a249e76f1f8db7167a34e155_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:16268bec56efd542c49bdd5ce8934d7edfe81ee2e11f716bfba09afda1096ccd_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:317b636846f5a4da94b8a44eb87b9d34721da8b819debdcfecb726b8d74537c4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ansible-operator@sha256:678e89a0851566628a99981a5e395fc2a88936e5f1552a7f205e0c4dc4f34e58_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:29eb94fd8e5cf6bd471ed30b0cd1d7f647588c14c93a148f8f332cd21ee94542_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:91d7fad60dbc99ea4b1393d9f47de64d145dd3302b199edb7922efbc3a223c40_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-capacity@sha256:a8b224b9187b51c7b6251488f84bc86ec5e54bad0515c1516d6f535a2ad5a6d7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:24380dc5d13f84e5b3d35bcf6e183ab697a8b9f997c4808027dbe396a075e389_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:4210a5b83b7a6dce2e8b5e9c74b2c2858b4441c7e7046dc1bc47d13bade5b344_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7de02a3794875b503787352cc1ba1774ca2bc48e717668323b135f2b4d03bab2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:050f5694076ad7712ea486db9c3a6da60f14a6bcdefb93f09ae5a5d0d2350216_s390x",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:3e804e2a87f3d4466ec45163ec1b8a7f5f8621a8dafba7359639319def652df7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-cluster-nfd-operator@sha256:69325720dac7c66e759da3a932d6d11694b446809a2acd705bcd010662f119ac_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:a2b533899da262cc3dcdec64b353b4373c692c65795d092735110ffe14b1f405_s390x",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:e78a6496a8fe3bf67a1575cab28d8f9829ff2c9506cec53dc28cd08f1382641a_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f426e6f2bbd416978f1bc731e061eb908cd34736180e92a6d76cbcc00d494ea0_amd64",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:4361d04e51268ebc0048167a60b69b789b9e4158e819979a2996fc2a79a0183e_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:7f80896dc1acc9d9af477d753e7fafe3d828e5b35fb123fda05c272c93efaae4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-clusterresourceoverride-rhel8@sha256:862a2025b5f3a3e7569fe6fcdb08d008318daf7b7818dbff9bc571d053360ab1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:4f9de0b544a418c728d7921b031268687b315273256b1b964de87602b552f559_s390x",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:b5ad38974bb046acc284d81615f89be45cc88ee94dd202715a84048ff666de39_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-descheduler@sha256:c646e3a5e81cff6f9e5fd0d590acff2a8ae1c0a36cb7bc5210f6285d8dc06817_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:45e93e144f0401c1b18a98864544e8e57439a5aae0937796a52cfbb5b5657620_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:7e578789946a853c299254cc9092f815c59333551fc7bcdf0cec4ee8bd0975f7_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-dns-proxy@sha256:fa2b319dade615c79b26363fa35ff7519b890ceca1a316ba7b4a13ac2dfe3392_s390x",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:26f61e722fc9110448b6c851d8c9e0e49c8d31ee6bbc678ea27767fe8351ad5b_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:39a831a45748dfd91a1d20f68481fbc82bd3fefa4cb5ff87aab478770582de2f_s390x",
"8Base-RHOSE-4.8:openshift4/ose-egress-http-proxy@sha256:cef6c19c4b400e88a5231b626970ca205af002ae004f0e40c2bb5b3281abb44b_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:4b3083b15eb27c5f3359498c3d76eab277f55264b1d1f50a560176e2cf471bde_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:9c5ea6554b499063a4056685d22bc4b8e553bacbacd8f5b6c6c70029b7c691c2_amd64",
"8Base-RHOSE-4.8:openshift4/ose-egress-router@sha256:c8948bfb7437e445a58323c456979829d738f69d192b308af112793a44ece6be_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ghostunnel@sha256:d24324d2a5f5db35706160389fd0504529847b610b67c946426dd2d5c580333c_amd64",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:2da0cd361bc6553072e88c8360dcf6d892ca6c3d34c98bdfa611105559373e98_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:aded3473d75a263d10d7f4f3db50366a00b1c592608c187f35e43dcf33d4cc92_s390x",
"8Base-RHOSE-4.8:openshift4/ose-helm-operator@sha256:df4243dbedfc6b134f48d8e839c859a55070dd816fcebf64da40f1ff86d1a6e8_amd64",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:13d228ad69d3d76bd7af3eab87c2122016c29aca7930d83b7b084726ea62b3b6_amd64",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:3a1ede2d5f064cdc9c3dcae93122e30fe6acb8962905ea739484840c028767eb_s390x",
"8Base-RHOSE-4.8:openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:6df1c3e3f99b59c1dcc1ba4bc50aef9638ec28eeb4a358316b6b5c5eb9ce1c1a_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:4fb057e9824cccd554b9295e8c1b4cfc16ffb3eecc2211fa1e1a312f7a79c949_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:5e7b1da76d30b757db38feef9ac254d1e36b04fe8d6ffab13ba147d0cff88974_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-diskmaker@sha256:75bc3a0ac9201a825d2aaa1a8af28db620c40e95e25b5e1b6b3e00e507bccdcc_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:06a330662e9a8f5aeae9ae9f85db9f25d8b96821f86437a9198ef626979b9b23_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:7aa0f9ceaa8663081cf19d8a2c689d6356d467ce5ccfb1a6140101f5a47973b6_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-mustgather-rhel8@sha256:b83bc8b9652ca1d2ff55733ba68f8eaca1542e5318b6860935d12244b240a3f2_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:1867e7f843577448af26b84cdfb7489b295c5db3eb0faa1eac334b491bf96848_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:8bf7c9546ffbab5678776abe5a25460f3ffdc166ffbfb65f4a674bac26e0dfae_amd64",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-operator@sha256:b0ca8c3ea4511b5255ef9638f01fefaa6f2e93400a0409360c81d26e8ef8f493_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:030c266a9d55bd63d837fae36a1550a2607e684e8ccfd78fb229b2a028d8897f_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:2365ccb37a8f91f4ce8c0681e304f98f9468ccd3e7e9cb6bfe7e7179cdad9998_s390x",
"8Base-RHOSE-4.8:openshift4/ose-local-storage-static-provisioner@sha256:bcff1893ff84874958f43dd84a22f56f7648dfda34236f4ad87e2a964cf33cd9_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-ansible-operator@sha256:7576005fb1ee5c89807a5c74c17a6beebdde06f39950d421354c8827e38dad37_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-hadoop@sha256:3a6ae11db1f9f60674295b5b9feebbc19e1c8318390a00dd1314f56adace118c_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:604d7a9033dd87cb30f0e9b35275432e0a6c7637e3cdf54c4710759e4f40ed18_s390x",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:687162ae42b470a8fcfa409380f335265fe608bac5d3bc9511046cf4640f5017_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-metering-helm-container-rhel8@sha256:982bc5a04515bf30e88eff06b742ee4b0720d26b2039aef229e89ea52bc4322a_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-hive@sha256:5431d1a3f9f479600db352feee682ce8e31d9b1d62f7c06e7fe0138a1aca7044_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-presto@sha256:cd1d23fd5dff2a78fba377fbb3b1c63d922877af09f17e1c1f898eeaa4891c03_amd64",
"8Base-RHOSE-4.8:openshift4/ose-metering-reporting-operator@sha256:5bcd150f1b2752413a16deb287e08250e357ce220216df626ad5a9086c16ce6e_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:6db511807c1e544de32eb9baba909766c53eac4a721852420c6aabc8de4b8684_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:a2c9410fb28d810e26166c6d07af2885e4ac88ec73d95bf152da6e26e00f8086_s390x",
"8Base-RHOSE-4.8:openshift4/ose-node-feature-discovery@sha256:d66763784469579e744a627d49d9e125f0d6c69ac3542336fd28c73180af98bb_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:05c5fff8726da0dbd9270314bf227eda559969e5abcbabd25078fa7e4f1e99eb_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:3fddde918aae7343b55fb4bdd8273d8a928030d95465cb4c699d92958761a7a1_amd64",
"8Base-RHOSE-4.8:openshift4/ose-node-problem-detector-rhel8@sha256:5244cc96a46219c5ba7c1c52fd52c5c8a70d6534567caa47f01ed7fbc9a8e4e8_s390x",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:16080cfd97370db5530d0e58f87bfc2c9c784c2536ce3adc6a159f7ab9575ac9_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7cb3e37cdab015a525dd1e7e9830c50d290ab64d939755aa733182fde5822282_s390x",
"8Base-RHOSE-4.8:openshift4/ose-operator-sdk-rhel8@sha256:7f191475c9dd43d6b40efd4b565bf677af22b1b654e0f5d8829b4831abc715d5_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:4217ce881595e87ceab2fa0cf973b0fc991e0ebf73f6d5b267aaaecc3a03ad88_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:bb73adc511485987f4b20db03ef164ea82c28bf1fb3cf5c50ecaa3b8bd5e268f_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp-operator@sha256:d2e84963c0a4b8c4837c600dcd45a4ec85582dcb277cc5a342772cfaf37a02d6_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:3265800679156b9f4efebfe7f3d887ff804fa5eff6a33fcf4fdec96510a7d0a4_amd64",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:50f1a02f7ddd5e78a607a2d87e1a1d87e6d40dbab914c81a4b7c926446ae7c3f_s390x",
"8Base-RHOSE-4.8:openshift4/ose-ptp@sha256:b72f280d30c133785e64681fbc8c9464c1d495815d066947a8904b6a1eac7554_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:748ff477aab34a52314b3a25c8bc7af0b79938e33c5b0b03d63c2be288884556_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:7655843623686ef2110b391115053ec888b3bfba3e93f7fa015a4ddf59a2c6e1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-service-idler-rhel8@sha256:dbc79719030b91a0879a1646a677fe7858f8e6552c496cfd5025430e6672d3c3_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:128e08b126309830bece2d61b1095318a44fdb6437a1264a98922b92a9b56339_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:4ead46ef89a7fc3c96a27426f1594f9403abe2d149f1a06f4e8c23a1435793a0_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-cni@sha256:de25d1ab45eec3791e0429c14cd159c2cf0e06f60538eea58a3884ba8ec0c437_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:035ee520fd3303409a8a622fbfdc092495705533e687afd5a507269ff2888672_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:3740692124ba1131c412665eb689db7d1fc90bc96df32905efa4c81295834a1d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-dp-admission-controller@sha256:92fdeb3673145a77ff34decadc8a406cd05ce83afbbc848821717d2bc127f4db_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:4419994e773ba864245ad4763cecd5383e1782cf81f53977580ed5c70581a2a1_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:d3a01146298d996f4d5cc8114cb31c38fc332bbaa6056dbbc0c06580033df02f_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-infiniband-cni@sha256:e316ddfe57eb0f75f1d05f6b449f7f2746b345155729e037012d9081bcdfe11a_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:5d684abc03e26dd161328261d5c4c05f18afb91b92bb2e9e3934f371f7ae5e9c_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:e2210baeb0be9422275445e978f4f2ca2813476f0fdc39b239b9edb4add588a0_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-config-daemon@sha256:edee9914747f7b1a871dfbf8e0ada436fd853f9cb8b4f25bd6a3ae8f2d8b0851_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:7165575c0b49cf25bdafbb7390199d2a957322147fadfdce1401afc10dfcb37d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:d5567efab982e51026761e1cb5a120f2eed54033550cbac5c4b78620b5a775ce_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-device-plugin@sha256:f54ddc9b51cc0878cb4771c8b55bee97ed02b003395f19ef9500c91cceccf134_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:34af2eab98fe5ead527de11fd495642f49e955e17064cc8cf1674b13b362efac_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:53bd17fd25accba8ed846c3906bfc140851c43cab9e599103a6df559d89b8323_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-operator@sha256:66ad156d2d59b0d47cedc94b9118e6e1107325ab5ba44375613f892d64d09956_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:3e648c0a96ae8024e5443782eb2afe8e3a2c716ee9dd20263fe3cad2d4c293dd_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:59dead9be2c8e873496653be6570c8aeffb1a9b420ba00200aae3506f1a1798e_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-network-webhook@sha256:e86bcdbfd6ac7e6cfb846d5a639a32f87f5500230044a8c299c28cfce1850f54_amd64",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:92b3d9d0f17b66c8856e795745282d0cc856cd2c8bf66dfa3beb9b0675fa5e1d_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:baa3b6da137bc048f57d656f938c71d26e8240f4a5a7d99dab584a1662d19188_s390x",
"8Base-RHOSE-4.8:openshift4/ose-sriov-operator-must-gather@sha256:e8dc9605891487bf743f20225f2bff4add607946d9b97da24f06bc0a3a5c4b6d_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:8894179aee32aea7d875499179bfc1783a1d81e052ee47499cb3b34ae7d4d18b_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:9e1d1bf31fa04b05b46e04cb564361ae8387fa06da5ec019a475a11ef7ff9358_ppc64le",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:c1b1addb2f2a7c84de8e0c50e6015921bc5f8f19c6c3defe090fc643e2a59fc4_s390x",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:5ff00e93833c3d916988979303e7bc0fe21b1da50ecbfbbf4d0545ef45b535ab_amd64",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:818f036319edf0d327b3d7b8c474e62181b645091bd78039f8af6bc9d06ec3c2_s390x",
"8Base-RHOSE-4.8:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a2ec2c2c86e2dbc1471758f25942d74489bf011bcc905d4e27edb38f57835ac3_ppc64le",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:16135e26bab08312237920621dfdda19de439cafa3496336a5bb036ba6aab810_s390x",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:7e7c5e847bec122955563c7c2ed9de3d798155ea77ad13c528fdc173b817e811_amd64",
"8Base-RHOSE-4.8:openshift4/ptp-must-gather-rhel8@sha256:94572c353a049edb1ebc935a73a15e78ef399b9f15f3bb9b8bf376f1b37dff87_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022_0230
Vulnerability from csaf_redhat - Published: 2022-01-21 19:04 - Updated: 2024-11-24 21:30Summary
Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.2.6)
Notes
Topic
An update is now available for OpenShift Logging (5.2.6)
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
OpenShift Logging Bug Fix Release (5.2.6)
Security Fix(es):
* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for OpenShift Logging (5.2.6)\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Logging Bug Fix Release (5.2.6)\n\nSecurity Fix(es):\n\n* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0230",
"url": "https://access.redhat.com/errata/RHSA-2022:0230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1940613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "LOG-2104",
"url": "https://issues.redhat.com/browse/LOG-2104"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0230.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.2.6)",
"tracking": {
"current_release_date": "2024-11-24T21:30:26+00:00",
"generator": {
"date": "2024-11-24T21:30:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0230",
"initial_release_date": "2022-01-21T19:04:46+00:00",
"revision_history": [
{
"date": "2022-01-21T19:04:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-21T19:04:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T21:30:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Logging 5.2",
"product": {
"name": "OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.2.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.2.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-104"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-71"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-73"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-100"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-99"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-104"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-110"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.2.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.2.6-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.2.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.2.6-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-104"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-71"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-73"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-100"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-99"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-104"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-110"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.2.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.2.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-104"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-71"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-73"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-100"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-99"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-104"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-110"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64 as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le as a component of OpenShift Logging 5.2",
"product_id": "8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-27292",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-03-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1940613"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `ua-parser-js`. If a supplied user agent matches the `Noble` string and contains many spaces then the regex will conduct backtracking, taking an ever increasing amount of time depending on the number of spaces supplied. An attacker can use this vulnerability to potentially craft a malicious user agent resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While some components do package a vulnerable version of ua-parser-js, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM) \n - Red Hat OpenShift Jaeger (RHOSJ)\n - Red Hat OpenShift Logging\n\nThe OCP presto-container does ship the vulnerable component, however since OCP 4.6 the Metering product has been deprecated [1], set as wont-fix and may be fixed in a future release.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships graphql-tools that pulls 0.7.23 version of ua-parser-js that uses the affected code.\n\n[1] - https://access.redhat.com/solutions/5707561",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-27292"
},
{
"category": "external",
"summary": "RHBZ#1940613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-27292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27292"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292"
},
{
"category": "external",
"summary": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76",
"url": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76"
}
],
"release_date": "2021-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-21T19:04:46+00:00",
"details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.2, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0230"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-21T19:04:46+00:00",
"details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.2, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0230"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-operator-bundle@sha256:f4834508c179ac8ec28747587ea9a5c581e66b8a43dbc484e0b471ec44c5e7a8_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:34c1103c3d1fa2f4edc3629c5708ec29828627101eb57dd7256a91d247f30fde_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa8f9590e009139c5d3c7f104d3bfee279e6a4a648b9f76defad60fa0a32954_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/cluster-logging-rhel8-operator@sha256:ec5a23b5aabdf0103bfe6a19abbf5ff8911b8d0b48b72167517506b53cd32e71_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-operator-bundle@sha256:e33d3f89fa14cef83be2bf1d15cf5bb1df57ffd9258902613a2a1309cbc11981_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:1738c1f613bc80f825795bba194000dd354e15aa05e881ef103e63ce4c905ac8_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:26e82e33639172e754d954c2de492f7ec0bff4760c7284fe85231d74e83da3cc_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-proxy-rhel8@sha256:bda4a51803d41c805074962d4207f0c56a4248d50d09bcd01017d55ea974166f_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:2f7f3178fff00f6096e340392dfe2e005f7fa6553eae194cb765dd026432d010_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:48b2b1685ae38774ec04f860f11a246838f8925be0b5adc0ec60bbde57419fb1_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch-rhel8-operator@sha256:c4029eab5cf3ef8e00f774a04b786003e31073c85a585f50689009110d2a5f76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:5bfaebca00db5b6ae5acb4a929be36f40704ac5a64806a13561c05b2409ed264_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:a0a4983317c397185b3c3dfda4f3399cad0b53daebe68a553991558fed8657cd_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/eventrouter-rhel8@sha256:d5ae1f16eec322d9c9fb5604641cb038a831a0c7de331feb2999775e7958ed55_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:2ce16348308819fb21fa98c69ca56eb70b62cf36fb1c233d1928764b393dd3f0_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:a1f3ef5cafecc311f1c206ea40fda0f53badc8a520d30ad4461a25a2177cc393_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/fluentd-rhel8@sha256:ac04d56e69fa742413b95177b2298502b8f9108be6bceb96b8ea4f9afbed5f74_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:5ec68bc1aa764552cb1471a1844708747fced656c031b8c8428deecd3137eb3a_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:8da444779bc4d8fefb85fe2a373d4f4280db9c41198e321e74b6cab05aed6922_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/kibana6-rhel8@sha256:e29a5cc022aa302459cff0ba435c24164ea5578d4f1468ab6bdfea0011220406_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:59abfdea0e2fbafa7355967f3dc43700b82907aeaea520a10a87d4a77adc5963_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c347e82a481d60f52e5fc9cfd0634dd69e82db309de5e1eedf12832461f2e399_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/log-file-metric-exporter-rhel8@sha256:c442371d189720167dd3de9deaab587dad8ab810977040da26f3457cfd6eb10e_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:3dbc18048c93b6281f14b3472ed538a20b12b7e6c0524d61afda291b5bf11541_amd64",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:640ff6c8d8c3c16ba43f87f4d323e93d7d8cdae1df44d7220c79083e8284ebd6_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/logging-curator5-rhel8@sha256:c93eef1216995a01b8a76d547798b4a327d8fd2be746c40cf4e3b6cc84cea56c_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:42925c7c419dd52bf611e6860b3c989ba396f9e5f1d9a459f5db6b958f932552_ppc64le",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:be1dd8dfaf204fa739a202ac7ddfcf3ed4441c97d05fa914cbbff34d5467bd76_s390x",
"8Base-OSE-LOGGING-5.2:openshift-logging/elasticsearch6-rhel8@sha256:d78003468c5d530a8dddd9841ecd23921b6987187ef09a0b97eeda0e7e914c94_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022:0227
Vulnerability from csaf_redhat - Published: 2022-01-20 21:40 - Updated: 2025-11-21 18:28Summary
Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.3.3)
Notes
Topic
An update is now available for OpenShift Logging (5.3.3)
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Openshift Logging Bug Fix Release (5.3.3)
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for OpenShift Logging (5.3.3)\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Openshift Logging Bug Fix Release (5.3.3)\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0227",
"url": "https://access.redhat.com/errata/RHSA-2022:0227"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1940613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0227.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.3.3)",
"tracking": {
"current_release_date": "2025-11-21T18:28:03+00:00",
"generator": {
"date": "2025-11-21T18:28:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:0227",
"initial_release_date": "2022-01-20T21:40:25+00:00",
"revision_history": [
{
"date": "2022-01-20T21:40:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T21:40:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:28:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Logging 5.3",
"product": {
"name": "OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.3-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.3.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.3-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.3.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-103"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-70"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-72"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-99"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-98"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-103"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-109"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.3-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.3-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-103"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-70"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-72"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-99"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-98"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-103"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-109"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.3-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.3-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-103"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-70"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-72"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-99"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-98"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-103"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-109"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-27292",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-03-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1940613"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `ua-parser-js`. If a supplied user agent matches the `Noble` string and contains many spaces then the regex will conduct backtracking, taking an ever increasing amount of time depending on the number of spaces supplied. An attacker can use this vulnerability to potentially craft a malicious user agent resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While some components do package a vulnerable version of ua-parser-js, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM) \n - Red Hat OpenShift Jaeger (RHOSJ)\n - Red Hat OpenShift Logging\n\nThe OCP presto-container does ship the vulnerable component, however since OCP 4.6 the Metering product has been deprecated [1], set as wont-fix and may be fixed in a future release.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships graphql-tools that pulls 0.7.23 version of ua-parser-js that uses the affected code.\n\n[1] - https://access.redhat.com/solutions/5707561",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-27292"
},
{
"category": "external",
"summary": "RHBZ#1940613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-27292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27292"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292"
},
{
"category": "external",
"summary": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76",
"url": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76"
}
],
"release_date": "2021-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T21:40:25+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0227"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T21:40:25+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0227"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022_0226
Vulnerability from csaf_redhat - Published: 2022-01-20 21:39 - Updated: 2024-11-24 21:29Summary
Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.1.7)
Notes
Topic
An update is now available for OpenShift Logging (5.1.7)
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
OpenShift Logging Bug Fix Release (5.1.7)
Security Fix(es):
* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for OpenShift Logging (5.1.7)\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Logging Bug Fix Release (5.1.7)\n\nSecurity Fix(es):\n\n* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0226",
"url": "https://access.redhat.com/errata/RHSA-2022:0226"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1940613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0226.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.1.7)",
"tracking": {
"current_release_date": "2024-11-24T21:29:57+00:00",
"generator": {
"date": "2024-11-24T21:29:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0226",
"initial_release_date": "2022-01-20T21:39:00+00:00",
"revision_history": [
{
"date": "2022-01-20T21:39:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T21:39:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T21:29:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Logging 5.1",
"product": {
"name": "OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.1.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.1.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-102"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-98"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-97"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-102"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-108"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.1.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.1.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-102"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-98"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-97"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-102"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-108"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.1.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.1.7-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.1.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.1.7-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-102"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-98"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-97"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-102"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-108"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64 as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le as a component of OpenShift Logging 5.1",
"product_id": "8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-27292",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-03-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1940613"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `ua-parser-js`. If a supplied user agent matches the `Noble` string and contains many spaces then the regex will conduct backtracking, taking an ever increasing amount of time depending on the number of spaces supplied. An attacker can use this vulnerability to potentially craft a malicious user agent resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While some components do package a vulnerable version of ua-parser-js, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM) \n - Red Hat OpenShift Jaeger (RHOSJ)\n - Red Hat OpenShift Logging\n\nThe OCP presto-container does ship the vulnerable component, however since OCP 4.6 the Metering product has been deprecated [1], set as wont-fix and may be fixed in a future release.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships graphql-tools that pulls 0.7.23 version of ua-parser-js that uses the affected code.\n\n[1] - https://access.redhat.com/solutions/5707561",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-27292"
},
{
"category": "external",
"summary": "RHBZ#1940613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-27292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27292"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292"
},
{
"category": "external",
"summary": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76",
"url": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76"
}
],
"release_date": "2021-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T21:39:00+00:00",
"details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.1, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0226"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T21:39:00+00:00",
"details": "For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.1, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0226"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-operator-bundle@sha256:cd21e02ce7d7900dd20083b561b98161199561726c310c1ff3f619b700a660d9_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:5f1436f57bc60663619d099cc54eac735a4ea885eb224a659b0aad66f14dcc36_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:8715b4821f39144aeb5d015e0621c859b45d3175c0f8415bd1542f7f7f063dec_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/cluster-logging-rhel8-operator@sha256:f96340f2ae0699d07b36e2e0e47bdda190635c276eb9122513f57b2f0ffd25f7_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-operator-bundle@sha256:8c60be512aa5cbec4247f2bcbcb0d829edc2f4b2c28ebd78673be8c15b4c4d99_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:75ad4b059c54e8c089de590a7dd0425a07049fb4721e83e894bf72dba2580fe7_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:7eca37c2de3ab91f5561bc30d6057dcc7e32dd3e41af9c78739b2c840d26f3d4_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9025248fa3fe48e38e12409b77b93782a2c2977fd48cf43de74bfbf8ed4a016_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:0d759e02a84eaf59cffc0143b51fd922363f0488a537562731e5c71bbd555a92_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:747bf587b1cb27d3fc872f40938a8f3ded033c97eab756712ca2a427fbeee4f0_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch-rhel8-operator@sha256:df696bb6cc563e646f51ccd409c961cfb06b39f361857392ec80f30add0927ab_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:499aa444f1c77cc0e238577b35ce707a6233b7c10695aa058f036694cc65f62d_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b21561dc5237b5c9bc65ffdfa8e62d364a02631e0e06307883463357229ff06f_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/eventrouter-rhel8@sha256:b7706ebba12fba423afe2b333677aa4fa16ecd72cfcd2c5b076dfb34d5d400e6_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:2eb43cd05fa769240e683de25d8913ea1379c0f69d656dec66efd7d4f5e70217_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:63a5e130e712bf0292167f0aa8c3018b77bdb73042160fd14057d4678ff613ff_ppc64le",
"8Base-OSE-LOGGING-5.1:openshift-logging/fluentd-rhel8@sha256:dd94d77116595d5aede41e3fdd38681767a0ac294b743b9d608268fef97720d1_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:318f21b10f1b22d14a0bf0d895c597e29f498442bc90fb5c26886e696fbe68a5_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:86302d1e4e1729fd7364b4db5061b4762c683f9d27ed09a7e1489406ac783d21_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/kibana6-rhel8@sha256:b43d04bc71797caab0d1b6bb5f14d18a04b09fee5272e9e03d50056dbb2116fc_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:007deae6e82e1d870385f2c9ed90c1783f9fdb3aca0b97349a66a97e4380b9b4_amd64",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:3e971f5c333ced1166981d713355fd55f984108cd50bf458b9ea29eb637df9ce_s390x",
"8Base-OSE-LOGGING-5.1:openshift-logging/elasticsearch6-rhel8@sha256:9b1a4b2ca3c32aa6a8a5bbcb28af0e6bbd0ea5368ab317e8a0dc7ba5f9b0ddc4_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022:0203
Vulnerability from csaf_redhat - Published: 2022-01-20 09:26 - Updated: 2025-12-05 06:18Summary
Red Hat Security Advisory: Red Hat Fuse 7.8-7.10 security update
Notes
Topic
A micro version update for Fuse 7.8, 7.9, and 7.10 is now available for Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The releases of Red Hat Fuse 7.8.2, 7.9.1 and 7.10.1 serve as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot and includes security fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A micro version update for Fuse 7.8, 7.9, and 7.10 is now available for Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The releases of Red Hat Fuse 7.8.2, 7.9.1 and 7.10.1 serve as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot and includes security fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0203",
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.08.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.08.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.09.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.09.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.10.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.10.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
},
{
"category": "external",
"summary": "2030932",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0203.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Fuse 7.8-7.10 security update",
"tracking": {
"current_release_date": "2025-12-05T06:18:56+00:00",
"generator": {
"date": "2025-12-05T06:18:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2022:0203",
"initial_release_date": "2022-01-20T09:26:34+00:00",
"revision_history": [
{
"date": "2022-01-20T09:26:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T09:26:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-05T06:18:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1",
"product": {
"name": "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1",
"product_id": "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_fuse:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Fuse"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44228",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030932"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "RHBZ#2030932",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932"
},
{
"category": "external",
"summary": "RHSB-2021-009",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q",
"url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/",
"url": "https://www.lunasec.io/docs/blog/log4j-zero-day/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-10T02:01:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T09:26:34+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "workaround",
"details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2021-12-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Critical"
}
],
"title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T09:26:34+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T09:26:34+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T09:26:34+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022_0236
Vulnerability from csaf_redhat - Published: 2022-01-25 15:25 - Updated: 2024-11-24 21:30Summary
Red Hat Security Advisory: OpenShift Container Platform 3.11.570 security update
Notes
Topic
Red Hat OpenShift Container Platform release 3.11.570 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 3.11.570 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0236",
"url": "https://access.redhat.com/errata/RHSA-2022:0236"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0236.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 3.11.570 security update",
"tracking": {
"current_release_date": "2024-11-24T21:30:33+00:00",
"generator": {
"date": "2024-11-24T21:30:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:0236",
"initial_release_date": "2022-01-25T15:25:30+00:00",
"revision_history": [
{
"date": "2022-01-25T15:25:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-25T15:25:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T21:30:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 3.11",
"product": {
"name": "Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:3.11::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64",
"product": {
"name": "openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64",
"product_id": "openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-curator5\u0026tag=v3.11.570-2.ge84e80c"
}
}
},
{
"category": "product_version",
"name": "openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64",
"product": {
"name": "openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64",
"product_id": "openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-elasticsearch5\u0026tag=v3.11.570-2.ge84e80c"
}
}
},
{
"category": "product_version",
"name": "openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64",
"product": {
"name": "openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64",
"product_id": "openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-eventrouter\u0026tag=v3.11.570-2"
}
}
},
{
"category": "product_version",
"name": "openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"product": {
"name": "openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"product_id": "openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-fluentd\u0026tag=v3.11.570-2.ge84e80c"
}
}
},
{
"category": "product_version",
"name": "openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"product": {
"name": "openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"product_id": "openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/logging-fluentd\u0026tag=v3.11.570-2.ge84e80c"
}
}
},
{
"category": "product_version",
"name": "openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64",
"product": {
"name": "openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64",
"product_id": "openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-kibana5\u0026tag=v3.11.570-2.ge84e80c"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64"
},
"product_reference": "openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64"
},
"product_reference": "openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64"
},
"product_reference": "openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64"
},
"product_reference": "openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64"
},
"product_reference": "openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64"
},
"product_reference": "openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-25T15:25:30+00:00",
"details": "For OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/3.11/upgrading/index.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0236"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:615464e77119620f0e248dc8702c790fc12e004393fcef65731b7ab0c8fe51ea_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:cc44602e7ec89f3c145288c4e65f0d3d418454fcf4147aa7a1deafeda9329209_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:d8de79c838c86c85fba55880ff3b59cfb8c6f89b0e092d65e13833d10a949012_amd64",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:531d1444a26b4c38316fd7e46e7d619a519e7a2d1b0a78567949160eb0196860_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:730f0aea1c470224fbe8a4c3e2ad0600bb213f39b79aa5b473146bae50a28b4f_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
WID-SEC-W-2024-0064
Vulnerability from csaf_certbund - Published: 2024-01-10 23:00 - Updated: 2025-04-10 22:00Summary
Juniper Produkte: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JUNOS ist das "Juniper Network Operating System", das in Juniper Appliances verwendet wird.
SRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper.
Bei den Switches der Juniper EX-Serie handelt es sich um Access- und Aggregations-/Core-Layer-Switches.
Die Switches der QFX-Serie von Juniper sichern und automatisieren Netzwerke in Rechenzentren.
Die Juniper MX-Serie ist eine Produktfamilie von Routern.
Angriff
Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter, lokaler oder physischer Angreifer kann mehrere Schwachstellen in Juniper JUNOS, Juniper JUNOS Evolved, Juniper SRX Series, Juniper EX Series, Juniper QFX Series, Juniper ACX Series, Juniper PTX Series und Juniper MX Series ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und seine Berechtigungen zu erweitern.
Betroffene Betriebssysteme
- Appliance
- BIOS/Firmware
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.\r\nSRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper.\r\nBei den Switches der Juniper EX-Serie handelt es sich um Access- und Aggregations-/Core-Layer-Switches.\r\nDie Switches der QFX-Serie von Juniper sichern und automatisieren Netzwerke in Rechenzentren. \r\nDie Juniper MX-Serie ist eine Produktfamilie von Routern.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter, lokaler oder physischer Angreifer kann mehrere Schwachstellen in Juniper JUNOS, Juniper JUNOS Evolved, Juniper SRX Series, Juniper EX Series, Juniper QFX Series, Juniper ACX Series, Juniper PTX Series und Juniper MX Series ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und seine Berechtigungen zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Appliance\n- BIOS/Firmware",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0064 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0064.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0064 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0064"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA11272 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA11272"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75233 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75233"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75721 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75721"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75723 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75723"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75725 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75725"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75727 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75727"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75729 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75729"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75730 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75730"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75733 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75733"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75734 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75734"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75735 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75735"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75736 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75736"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75737 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75737"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75738 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75738"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75740 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75740"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75741 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75741"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75742 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75742"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75743 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75743"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75744 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75744"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75745 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75745"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75747 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75747"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75748 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75748"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75752 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75752"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75753 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75753"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75754 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75754"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75755 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75755"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75757 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75757"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA75758 vom 2024-01-10",
"url": "https://supportportal.juniper.net/JSA75758"
},
{
"category": "external",
"summary": "Juniper Security Bulletin",
"url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R2-release?language=en_US"
}
],
"source_lang": "en-US",
"title": "Juniper Produkte: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-04-10T22:00:00.000+00:00",
"generator": {
"date": "2025-04-11T08:49:58.286+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2024-0064",
"initial_release_date": "2024-01-10T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-01-10T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-04-10T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Juniper EX Series",
"product": {
"name": "Juniper EX Series",
"product_id": "T019811",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:ex:-"
}
}
},
{
"category": "product_version",
"name": "4600",
"product": {
"name": "Juniper EX Series 4600",
"product_id": "T021598",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:ex:ex4600"
}
}
},
{
"category": "product_version",
"name": "4100",
"product": {
"name": "Juniper EX Series 4100",
"product_id": "T030475",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:ex:4100"
}
}
},
{
"category": "product_version",
"name": "4400",
"product": {
"name": "Juniper EX Series 4400",
"product_id": "T030476",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:ex:4400"
}
}
},
{
"category": "product_version",
"name": "EX9200",
"product": {
"name": "Juniper EX Series EX9200",
"product_id": "T031997",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:ex:ex9200"
}
}
}
],
"category": "product_name",
"name": "EX Series"
},
{
"branches": [
{
"category": "product_version",
"name": "Evolved",
"product": {
"name": "Juniper JUNOS Evolved",
"product_id": "T018886",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:evolved"
}
}
},
{
"category": "product_version",
"name": "PTX Series",
"product": {
"name": "Juniper JUNOS PTX Series",
"product_id": "T023853",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:ptx_series"
}
}
},
{
"category": "product_name",
"name": "Juniper JUNOS",
"product": {
"name": "Juniper JUNOS",
"product_id": "T030471",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:-"
}
}
},
{
"category": "product_version",
"name": "ACX7024",
"product": {
"name": "Juniper JUNOS ACX7024",
"product_id": "T031994",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:acx7024"
}
}
},
{
"category": "product_version",
"name": "ACX7100-32C",
"product": {
"name": "Juniper JUNOS ACX7100-32C",
"product_id": "T031995",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:acx7100-32c"
}
}
},
{
"category": "product_version",
"name": "ACX7100-48L",
"product": {
"name": "Juniper JUNOS ACX7100-48L",
"product_id": "T031996",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:acx7100-48l"
}
}
}
],
"category": "product_name",
"name": "JUNOS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c24.1R2",
"product": {
"name": "Juniper Junos Space \u003c24.1R2",
"product_id": "T040074"
}
},
{
"category": "product_version",
"name": "24.1R2",
"product": {
"name": "Juniper Junos Space 24.1R2",
"product_id": "T040074-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:24.1r2"
}
}
}
],
"category": "product_name",
"name": "Junos Space"
},
{
"category": "product_name",
"name": "Juniper MX Series",
"product": {
"name": "Juniper MX Series",
"product_id": "918766",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:mx:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "5000",
"product": {
"name": "Juniper QFX Series 5000",
"product_id": "T021597",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:qfx:qfx5000"
}
}
}
],
"category": "product_name",
"name": "QFX Series"
},
{
"category": "product_name",
"name": "Juniper SRX Series",
"product": {
"name": "Juniper SRX Series",
"product_id": "T021593",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:srx_service_gateways:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-2183",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2016-2183"
},
{
"cve": "CVE-2019-17571",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2019-17571"
},
{
"cve": "CVE-2020-0465",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2020-0465"
},
{
"cve": "CVE-2020-0466",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2020-0466"
},
{
"cve": "CVE-2020-12321",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2020-12321"
},
{
"cve": "CVE-2020-9493",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2020-9493"
},
{
"cve": "CVE-2021-0920",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-0920"
},
{
"cve": "CVE-2021-25220",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-25220"
},
{
"cve": "CVE-2021-26341",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-26341"
},
{
"cve": "CVE-2021-26691",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-26691"
},
{
"cve": "CVE-2021-33655",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-33655"
},
{
"cve": "CVE-2021-33656",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-33656"
},
{
"cve": "CVE-2021-34798",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-34798"
},
{
"cve": "CVE-2021-3564",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-3564"
},
{
"cve": "CVE-2021-3573",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-3573"
},
{
"cve": "CVE-2021-3621",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-3621"
},
{
"cve": "CVE-2021-3752",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-3752"
},
{
"cve": "CVE-2021-39275",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-39275"
},
{
"cve": "CVE-2021-4155",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-4155"
},
{
"cve": "CVE-2021-44228",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-44228"
},
{
"cve": "CVE-2021-44790",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-44790"
},
{
"cve": "CVE-2021-44832",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2021-44832"
},
{
"cve": "CVE-2022-0330",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-0330"
},
{
"cve": "CVE-2022-0934",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-0934"
},
{
"cve": "CVE-2022-1462",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-1462"
},
{
"cve": "CVE-2022-1679",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-1679"
},
{
"cve": "CVE-2022-1789",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-1789"
},
{
"cve": "CVE-2022-20141",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-20141"
},
{
"cve": "CVE-2022-21699",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-21699"
},
{
"cve": "CVE-2022-2196",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-2196"
},
{
"cve": "CVE-2022-22942",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-22942"
},
{
"cve": "CVE-2022-23302",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-23302"
},
{
"cve": "CVE-2022-23305",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-23305"
},
{
"cve": "CVE-2022-23307",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-23307"
},
{
"cve": "CVE-2022-25265",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-25265"
},
{
"cve": "CVE-2022-2663",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-2663"
},
{
"cve": "CVE-2022-2795",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-2795"
},
{
"cve": "CVE-2022-2873",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-2873"
},
{
"cve": "CVE-2022-2964",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-2964"
},
{
"cve": "CVE-2022-3028",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-3028"
},
{
"cve": "CVE-2022-30594",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-30594"
},
{
"cve": "CVE-2022-3239",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-3239"
},
{
"cve": "CVE-2022-3524",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-3524"
},
{
"cve": "CVE-2022-3564",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-3564"
},
{
"cve": "CVE-2022-3566",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-3566"
},
{
"cve": "CVE-2022-3567",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-3567"
},
{
"cve": "CVE-2022-3619",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-3619"
},
{
"cve": "CVE-2022-3623",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-3623"
},
{
"cve": "CVE-2022-3625",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-3625"
},
{
"cve": "CVE-2022-3628",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-3628"
},
{
"cve": "CVE-2022-3707",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-3707"
},
{
"cve": "CVE-2022-37434",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-37434"
},
{
"cve": "CVE-2022-38023",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-38023"
},
{
"cve": "CVE-2022-39188",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-39188"
},
{
"cve": "CVE-2022-39189",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-39189"
},
{
"cve": "CVE-2022-41218",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-41218"
},
{
"cve": "CVE-2022-41222",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-41222"
},
{
"cve": "CVE-2022-4129",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-4129"
},
{
"cve": "CVE-2022-4139",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-4139"
},
{
"cve": "CVE-2022-41674",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-41674"
},
{
"cve": "CVE-2022-41974",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-41974"
},
{
"cve": "CVE-2022-4254",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-4254"
},
{
"cve": "CVE-2022-4269",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-4269"
},
{
"cve": "CVE-2022-42703",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-42703"
},
{
"cve": "CVE-2022-42720",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-42720"
},
{
"cve": "CVE-2022-42721",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-42721"
},
{
"cve": "CVE-2022-42722",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-42722"
},
{
"cve": "CVE-2022-42896",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-42896"
},
{
"cve": "CVE-2022-43750",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-43750"
},
{
"cve": "CVE-2022-4378",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-4378"
},
{
"cve": "CVE-2022-43945",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-43945"
},
{
"cve": "CVE-2022-47929",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2022-47929"
},
{
"cve": "CVE-2023-0266",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-0266"
},
{
"cve": "CVE-2023-0286",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0386",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-0386"
},
{
"cve": "CVE-2023-0394",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-0394"
},
{
"cve": "CVE-2023-0461",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-0461"
},
{
"cve": "CVE-2023-0767",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-0767"
},
{
"cve": "CVE-2023-1195",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-1195"
},
{
"cve": "CVE-2023-1281",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-1281"
},
{
"cve": "CVE-2023-1582",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-1582"
},
{
"cve": "CVE-2023-1829",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-1829"
},
{
"cve": "CVE-2023-20569",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-20569"
},
{
"cve": "CVE-2023-20593",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-20593"
},
{
"cve": "CVE-2023-2124",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-2124"
},
{
"cve": "CVE-2023-21830",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21830"
},
{
"cve": "CVE-2023-21843",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21843"
},
{
"cve": "CVE-2023-21930",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21930"
},
{
"cve": "CVE-2023-21937",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21937"
},
{
"cve": "CVE-2023-21938",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21938"
},
{
"cve": "CVE-2023-21939",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21939"
},
{
"cve": "CVE-2023-2194",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-2194"
},
{
"cve": "CVE-2023-21954",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21954"
},
{
"cve": "CVE-2023-21967",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21967"
},
{
"cve": "CVE-2023-21968",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21968"
},
{
"cve": "CVE-2023-22045",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-22045"
},
{
"cve": "CVE-2023-22049",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-22049"
},
{
"cve": "CVE-2023-22081",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-2235",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-2235"
},
{
"cve": "CVE-2023-22809",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-22809"
},
{
"cve": "CVE-2023-23454",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-23454"
},
{
"cve": "CVE-2023-23918",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-23918"
},
{
"cve": "CVE-2023-23920",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-23920"
},
{
"cve": "CVE-2023-24329",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-24329"
},
{
"cve": "CVE-2023-26464",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-26464"
},
{
"cve": "CVE-2023-2650",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-2650"
},
{
"cve": "CVE-2023-2828",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-2828"
},
{
"cve": "CVE-2023-32067",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-32067"
},
{
"cve": "CVE-2023-32360",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-32360"
},
{
"cve": "CVE-2023-3341",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-3341"
},
{
"cve": "CVE-2023-3446",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-3446"
},
{
"cve": "CVE-2023-36842",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-36842"
},
{
"cve": "CVE-2023-3817",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-3817"
},
{
"cve": "CVE-2023-38408",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-38408"
},
{
"cve": "CVE-2023-38802",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2023-38802"
},
{
"cve": "CVE-2024-21585",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21585"
},
{
"cve": "CVE-2024-21587",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21587"
},
{
"cve": "CVE-2024-21589",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21589"
},
{
"cve": "CVE-2024-21591",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21591"
},
{
"cve": "CVE-2024-21594",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21594"
},
{
"cve": "CVE-2024-21595",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21595"
},
{
"cve": "CVE-2024-21596",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21596"
},
{
"cve": "CVE-2024-21597",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21597"
},
{
"cve": "CVE-2024-21599",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21599"
},
{
"cve": "CVE-2024-21600",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21600"
},
{
"cve": "CVE-2024-21601",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21601"
},
{
"cve": "CVE-2024-21602",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21602"
},
{
"cve": "CVE-2024-21603",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21603"
},
{
"cve": "CVE-2024-21604",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21604"
},
{
"cve": "CVE-2024-21606",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21606"
},
{
"cve": "CVE-2024-21607",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21607"
},
{
"cve": "CVE-2024-21611",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21611"
},
{
"cve": "CVE-2024-21612",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21612"
},
{
"cve": "CVE-2024-21613",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21613"
},
{
"cve": "CVE-2024-21614",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21614"
},
{
"cve": "CVE-2024-21616",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21616"
},
{
"cve": "CVE-2024-21617",
"product_status": {
"known_affected": [
"T030475",
"T031995",
"T030476",
"T031994",
"T031997",
"T031996",
"918766",
"T030471",
"T021598",
"T040074",
"T018886",
"T021597",
"T019811",
"T023853",
"T021593"
]
},
"release_date": "2024-01-10T23:00:00.000+00:00",
"title": "CVE-2024-21617"
}
]
}
WID-SEC-W-2024-2180
Vulnerability from csaf_certbund - Published: 2022-04-19 22:00 - Updated: 2024-09-18 22:00Summary
Oracle Fusion Middleware: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Oracle Fusion Middleware bündelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.
Angriff
Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Fusion Middleware b\u00fcndelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-2180 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2024-2180.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-2180 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2180"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update April 2022 - Appendix Oracle Fusion Middleware vom 2022-04-19",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixFMW"
},
{
"category": "external",
"summary": "CISA Known Exploited Vulnerabilities Catalog vom 2024-09-18",
"url": "https://www.cisa.gov/news-events/alerts/2024/09/18/cisa-adds-five-known-exploited-vulnerabilities-catalog"
}
],
"source_lang": "en-US",
"title": "Oracle Fusion Middleware: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-09-18T22:00:00.000+00:00",
"generator": {
"date": "2024-09-19T08:06:58.739+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-2180",
"initial_release_date": "2022-04-19T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-04-19T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-09-18T22:00:00.000+00:00",
"number": "2",
"summary": "Aktive Ausnutzung gemeldet"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "11.1.1.5.0",
"product": {
"name": "Oracle Fusion Middleware 11.1.1.5.0",
"product_id": "150102",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:11.1.1.5.0"
}
}
},
{
"category": "product_version",
"name": "12.2.1.3.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.1.3.0",
"product_id": "618028",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.3.0"
}
}
},
{
"category": "product_version",
"name": "12.2.1.4.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.1.4.0",
"product_id": "751674",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.4.0"
}
}
},
{
"category": "product_version",
"name": "14.1.1.0.0",
"product": {
"name": "Oracle Fusion Middleware 14.1.1.0.0",
"product_id": "829576",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:14.1.1.0.0"
}
}
},
{
"category": "product_version",
"name": "5.5.0.0.0",
"product": {
"name": "Oracle Fusion Middleware 5.5.0.0.0",
"product_id": "T018990",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:5.5.0.0.0"
}
}
},
{
"category": "product_version",
"name": "8.5.5",
"product": {
"name": "Oracle Fusion Middleware 8.5.5",
"product_id": "T018991",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:8.5.5"
}
}
},
{
"category": "product_version",
"name": "5.9.0.0.0",
"product": {
"name": "Oracle Fusion Middleware 5.9.0.0.0",
"product_id": "T021683",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:5.9.0.0.0"
}
}
},
{
"category": "product_version",
"name": "12.2.2.0.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.2.0.0",
"product_id": "T022845",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.2.0.0"
}
}
},
{
"category": "product_version",
"name": "1.4.10",
"product": {
"name": "Oracle Fusion Middleware 1.4.10",
"product_id": "T022846",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:1.4.10"
}
}
},
{
"category": "product_version",
"name": "9.1.0",
"product": {
"name": "Oracle Fusion Middleware 9.1.0",
"product_id": "T022847",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:9.1.0"
}
}
},
{
"category": "product_version",
"name": "2.4.0",
"product": {
"name": "Oracle Fusion Middleware 2.4.0",
"product_id": "T022848",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:2.4.0"
}
}
},
{
"category": "product_version",
"name": "1.4.7",
"product": {
"name": "Oracle Fusion Middleware 1.4.7",
"product_id": "T022849",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:1.4.7"
}
}
},
{
"category": "product_version",
"name": "2.2.0",
"product": {
"name": "Oracle Fusion Middleware 2.2.0",
"product_id": "T022850",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:2.2.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=RC1",
"product": {
"name": "Oracle Fusion Middleware \u003c=RC1",
"product_id": "T022915"
}
},
{
"category": "product_version_range",
"name": "\u003c=RC1",
"product": {
"name": "Oracle Fusion Middleware \u003c=RC1",
"product_id": "T022915-fixed"
}
}
],
"category": "product_name",
"name": "Fusion Middleware"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-11212",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2018-11212"
},
{
"cve": "CVE-2019-0227",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2019-0227"
},
{
"cve": "CVE-2020-17521",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2020-17521"
},
{
"cve": "CVE-2020-24977",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2020-24977"
},
{
"cve": "CVE-2020-25649",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2020-25649"
},
{
"cve": "CVE-2020-7226",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2020-7226"
},
{
"cve": "CVE-2020-8908",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2020-8908"
},
{
"cve": "CVE-2021-22901",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-22901"
},
{
"cve": "CVE-2021-28170",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-28170"
},
{
"cve": "CVE-2021-28657",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-28657"
},
{
"cve": "CVE-2021-29425",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-29425"
},
{
"cve": "CVE-2021-30129",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-30129"
},
{
"cve": "CVE-2021-31812",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-31812"
},
{
"cve": "CVE-2021-33037",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-33037"
},
{
"cve": "CVE-2021-36090",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-36090"
},
{
"cve": "CVE-2021-37137",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-37137"
},
{
"cve": "CVE-2021-37714",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-37714"
},
{
"cve": "CVE-2021-39275",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-39275"
},
{
"cve": "CVE-2021-40690",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-40690"
},
{
"cve": "CVE-2021-41165",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-41165"
},
{
"cve": "CVE-2021-41184",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-41184"
},
{
"cve": "CVE-2021-43797",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-43797"
},
{
"cve": "CVE-2021-44224",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-44224"
},
{
"cve": "CVE-2021-44832",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-44832"
},
{
"cve": "CVE-2022-21404",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21404"
},
{
"cve": "CVE-2022-21419",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21419"
},
{
"cve": "CVE-2022-21420",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21420"
},
{
"cve": "CVE-2022-21421",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21421"
},
{
"cve": "CVE-2022-21441",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21441"
},
{
"cve": "CVE-2022-21445",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21445"
},
{
"cve": "CVE-2022-21448",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21448"
},
{
"cve": "CVE-2022-21453",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21453"
},
{
"cve": "CVE-2022-21492",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21492"
},
{
"cve": "CVE-2022-21497",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21497"
},
{
"cve": "CVE-2022-23305",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-23305"
},
{
"cve": "CVE-2022-23437",
"notes": [
{
"category": "description",
"text": "In Oracle Fusion Middleware existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"618028",
"T022848",
"T018990",
"T022849",
"T018991",
"T022845",
"T022846",
"T022847",
"150102",
"T022850",
"751674",
"T021683",
"829576"
],
"last_affected": [
"T022915"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-23437"
}
]
}
WID-SEC-W-2023-1031
Vulnerability from csaf_certbund - Published: 2023-04-18 22:00 - Updated: 2023-04-18 22:00Summary
Oracle Retail Applications: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Oracle Retail Applications ist eine Sammlung von Produkten zur Unterstützung u. a. von Handelsfirmen und der Gastronomie.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Retail Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Retail Applications ist eine Sammlung von Produkten zur Unterst\u00fctzung u. a. von Handelsfirmen und der Gastronomie.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Retail Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1031 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1031.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1031 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1031"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2023 - Appendix Oracle Retail Applications vom 2023-04-18",
"url": "https://www.oracle.com/security-alerts/cpuapr2023.html#AppendixRAPP"
}
],
"source_lang": "en-US",
"title": "Oracle Retail Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-04-18T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:49:31.959+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1031",
"initial_release_date": "2023-04-18T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-04-18T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Retail Applications 16.0.3",
"product": {
"name": "Oracle Retail Applications 16.0.3",
"product_id": "T019034",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:16.0.3"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 15.0.3.1",
"product": {
"name": "Oracle Retail Applications 15.0.3.1",
"product_id": "T019909",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:15.0.3.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 14.1.3.2",
"product": {
"name": "Oracle Retail Applications 14.1.3.2",
"product_id": "T019910",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:14.1.3.2"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 15.0.3",
"product": {
"name": "Oracle Retail Applications 15.0.3",
"product_id": "T020721",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:15.0.3"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 14.2",
"product": {
"name": "Oracle Retail Applications 14.2",
"product_id": "T021712",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:14.2"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 16.0.2",
"product": {
"name": "Oracle Retail Applications 16.0.2",
"product_id": "T022879",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:16.0.2"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 19.0.0.6",
"product": {
"name": "Oracle Retail Applications 19.0.0.6",
"product_id": "T027397",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:19.0.0.6"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 18.0.5",
"product": {
"name": "Oracle Retail Applications 18.0.5",
"product_id": "T027398",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:18.0.5"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 19.0.4",
"product": {
"name": "Oracle Retail Applications 19.0.4",
"product_id": "T027399",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:19.0.4"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 20.0.3",
"product": {
"name": "Oracle Retail Applications 20.0.3",
"product_id": "T027400",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:20.0.3"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 21.0.2",
"product": {
"name": "Oracle Retail Applications 21.0.2",
"product_id": "T027401",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:21.0.2"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 18.0.0.12",
"product": {
"name": "Oracle Retail Applications 18.0.0.12",
"product_id": "T027402",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:18.0.0.12"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 17.0.6",
"product": {
"name": "Oracle Retail Applications 17.0.6",
"product_id": "T027403",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:17.0.6"
}
}
}
],
"category": "product_name",
"name": "Retail Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-45047",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019034",
"T022879",
"T019910",
"T021712",
"T020721",
"T027403",
"T027401",
"T027402",
"T027399",
"T027400",
"T027397",
"T019909",
"T027398"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-45047"
},
{
"cve": "CVE-2022-42889",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019034",
"T022879",
"T019910",
"T021712",
"T020721",
"T027403",
"T027401",
"T027402",
"T027399",
"T027400",
"T027397",
"T019909",
"T027398"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-42889"
},
{
"cve": "CVE-2022-42003",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019034",
"T022879",
"T019910",
"T021712",
"T020721",
"T027403",
"T027401",
"T027402",
"T027399",
"T027400",
"T027397",
"T019909",
"T027398"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-41966",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019034",
"T022879",
"T019910",
"T021712",
"T020721",
"T027403",
"T027401",
"T027402",
"T027399",
"T027400",
"T027397",
"T019909",
"T027398"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-41966"
},
{
"cve": "CVE-2022-37434",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019034",
"T022879",
"T019910",
"T021712",
"T020721",
"T027403",
"T027401",
"T027402",
"T027399",
"T027400",
"T027397",
"T019909",
"T027398"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-37434"
},
{
"cve": "CVE-2022-36033",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019034",
"T022879",
"T019910",
"T021712",
"T020721",
"T027403",
"T027401",
"T027402",
"T027399",
"T027400",
"T027397",
"T019909",
"T027398"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-36033"
},
{
"cve": "CVE-2022-33980",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019034",
"T022879",
"T019910",
"T021712",
"T020721",
"T027403",
"T027401",
"T027402",
"T027399",
"T027400",
"T027397",
"T019909",
"T027398"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-33980"
},
{
"cve": "CVE-2022-3171",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019034",
"T022879",
"T019910",
"T021712",
"T020721",
"T027403",
"T027401",
"T027402",
"T027399",
"T027400",
"T027397",
"T019909",
"T027398"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-3171"
},
{
"cve": "CVE-2022-23437",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019034",
"T022879",
"T019910",
"T021712",
"T020721",
"T027403",
"T027401",
"T027402",
"T027399",
"T027400",
"T027397",
"T019909",
"T027398"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-23437"
},
{
"cve": "CVE-2022-23181",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019034",
"T022879",
"T019910",
"T021712",
"T020721",
"T027403",
"T027401",
"T027402",
"T027399",
"T027400",
"T027397",
"T019909",
"T027398"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-23181"
},
{
"cve": "CVE-2022-22971",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019034",
"T022879",
"T019910",
"T021712",
"T020721",
"T027403",
"T027401",
"T027402",
"T027399",
"T027400",
"T027397",
"T019909",
"T027398"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2022-22971"
},
{
"cve": "CVE-2021-44832",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019034",
"T022879",
"T019910",
"T021712",
"T020721",
"T027403",
"T027401",
"T027402",
"T027399",
"T027400",
"T027397",
"T019909",
"T027398"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2021-44832"
},
{
"cve": "CVE-2020-35168",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T019034",
"T022879",
"T019910",
"T021712",
"T020721",
"T027403",
"T027401",
"T027402",
"T027399",
"T027400",
"T027397",
"T019909",
"T027398"
]
},
"release_date": "2023-04-18T22:00:00.000+00:00",
"title": "CVE-2020-35168"
}
]
}
WID-SEC-W-2022-0197
Vulnerability from csaf_certbund - Published: 2021-12-28 23:00 - Updated: 2022-12-11 23:00Summary
Apache log4j: Schwachstelle ermöglicht Codeausführung
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apache log4j ist ein Framework zum Loggen von Anwendungsmeldungen in Java.
Angriff
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Apache log4j ausnutzen, um beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- CISCO Appliance
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apache log4j ist ein Framework zum Loggen von Anwendungsmeldungen in Java.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Apache log4j ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- CISCO Appliance\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0197 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-0197.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0197 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0197"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-225 vom 2022-12-09",
"url": "https://alas.aws.amazon.com/AL2022/ALAS-2022-225.html"
},
{
"category": "external",
"summary": "Apache Log4j 2 Website vom 2021-12-28",
"url": "https://logging.apache.org/log4j/2.x/"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-2870 vom 2021-12-30",
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"
},
{
"category": "external",
"summary": "Apache Struts Announcement",
"url": "https://struts.apache.org/announce-2022"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6538148 vom 2022-01-05",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-apache-log4j-affect-ibm-websphere-application-server-cve-2021-45105-cve-2021-44832/"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-apache-log4j-qRuKNEbd vom 2022-01-06",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"category": "external",
"summary": "JobScheduler Vulnerability Release 1.13.11 vom 2022-01-10",
"url": "https://kb.sos-berlin.com/display/PKB/Vulnerability+Release+1.13.11"
},
{
"category": "external",
"summary": "HPE Security Bulletin HPESBGN04215 rev.10 vom 2022-01-08",
"url": "https://support.hpe.com/hpesc/public/docDisplay?elq_mid=17739\u0026elq_cid=67018031\u0026docId=hpesbgn04215en_us"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6539408 vom 2022-01-11",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-apache-log4j-affect-the-ibm-websphere-application-server-and-ibm-security-guardium-key-lifecycle-manager-cve-2021-4104-cve-2021-45046-cve-2021-45105/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5222-1 vom 2022-01-11",
"url": "https://ubuntu.com/security/notices/USN-5222-1"
},
{
"category": "external",
"summary": "JobScheduler Vulnerability Release 2.2.1 vom 2022-01-11",
"url": "https://kb.sos-berlin.com/display/PKB/Vulnerability+Release+2.2.1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0138 vom 2022-01-13",
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6540676 vom 2022-01-15",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-may-affect-ibm-spectrum-protect-snapshot-on-windows-cve-2021-44832/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6540560 vom 2022-01-15",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-security-bulletin-vulnerability-in-apache-log4j-may-affect-ibm-spectrum-protect-operations-center-cve-2021-44832/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6540846 vom 2022-01-15",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-may-affect-ibm-spectrum-protect-for-space-management-cve-2021-44832/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6540692 vom 2022-01-15",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-impacts-ibm-spectrum-protect-backup-archive-client-and-ibm-spectrum-protect-for-virtual-environments-cve-2021-44832/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6540874 vom 2022-01-15",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-may-affect-ibm-spectrum-protect-snapshot-for-vmware-cve-2021-44832/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0203 vom 2022-01-20",
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0226 vom 2022-01-21",
"url": "https://access.redhat.com/errata/RHSA-2022:0226"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0227 vom 2022-01-21",
"url": "https://access.redhat.com/errata/RHSA-2022:0227"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0083 vom 2022-01-20",
"url": "https://access.redhat.com/errata/RHSA-2022:0083"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0225 vom 2022-01-21",
"url": "https://access.redhat.com/errata/RHSA-2022:0225"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0216 vom 2022-01-20",
"url": "https://access.redhat.com/errata/RHSA-2022:0216"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0222 vom 2022-01-21",
"url": "https://access.redhat.com/errata/RHSA-2022:0222"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0205 vom 2022-01-20",
"url": "https://access.redhat.com/errata/RHSA-2022:0205"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0223 vom 2022-01-21",
"url": "https://access.redhat.com/errata/RHSA-2022:0223"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0230 vom 2022-01-22",
"url": "https://access.redhat.com/errata/RHSA-2022:0230"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6549888 vom 2022-01-25",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-apache-log4j-affects-some-features-of-ibm-db2-cve-2021-44832/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0236 vom 2022-01-25",
"url": "https://access.redhat.com/errata/RHSA-2022:0236"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0181 vom 2022-01-27",
"url": "https://access.redhat.com/errata/RHSA-2022:0181"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-011 vom 2022-01-27",
"url": "https://alas.aws.amazon.com/AL2022/ALAS-2022-011.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6551310 vom 2022-01-28",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-tivoli-netcool-omnibus-common-integration-libraries-is-vulnerable-to-arbitrary-code-execution-and-denial-of-service-due-to-apache-log4j-cve-2021-44228-cve-2021-45046-cve-2021/"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-1734 vom 2022-01-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1734.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6552546 vom 2022-02-02",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-tivoli-netcool-omnibus-installation-contains-vulnerable-apache-log4j-code-cve-2021-44832-cve-2021-45046-cve-2021-45105/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6553026 vom 2022-02-05",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-infosphere-information-server-is-vulnerable-to-arbitrary-code-execution-due-to-apache-log4j-cve-2021-44832/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0467 vom 2022-02-08",
"url": "https://access.redhat.com/errata/RHSA-2022:0467"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0485 vom 2022-02-16",
"url": "https://access.redhat.com/errata/RHSA-2022:0485"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0493 vom 2022-02-16",
"url": "https://access.redhat.com/errata/RHSA-2022:0493"
},
{
"category": "external",
"summary": "HCL Article KB0097299 vom 2022-03-23",
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0097299"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1296 vom 2022-04-11",
"url": "https://access.redhat.com/errata/RHSA-2022:1296"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1297 vom 2022-04-11",
"url": "https://access.redhat.com/errata/RHSA-2022:1297"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1299 vom 2022-04-11",
"url": "https://access.redhat.com/errata/RHSA-2022:1299"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6593439 vom 2022-06-09",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rational-software-architect-realtime-edition-rsa-rt-is-vulnerable-to-apache-log4j2-cve-2021-44832/"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-001 vom 2022-04-25",
"url": "https://downloads.avaya.com/css/P8/documents/101081576"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6832160 vom 2022-10-27",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-due-to-use-of-apache-log4j-ibm-qradar-siem-is-vulnerable-to-arbitrary-code-execution-cve-2019-17571-cve-2021-44832-cve-2021-4104/"
}
],
"source_lang": "en-US",
"title": "Apache log4j: Schwachstelle erm\u00f6glicht Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2022-12-11T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:27:14.932+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-0197",
"initial_release_date": "2021-12-28T23:00:00.000+00:00",
"revision_history": [
{
"date": "2021-12-28T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2021-12-29T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2022-01-02T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Apache aufgenommen"
},
{
"date": "2022-01-04T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-01-05T23:00:00.000+00:00",
"number": "5",
"summary": "Referenz(en) aufgenommen: PH38929"
},
{
"date": "2022-01-06T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Cisco aufgenommen"
},
{
"date": "2022-01-09T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SOS GmbH und HPE aufgenommen"
},
{
"date": "2022-01-10T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-01-11T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2022-01-12T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2022-01-13T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-01-16T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-01-19T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-01-20T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-01-23T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-01-24T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-01-25T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-01-26T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-01-27T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Amazon und IBM aufgenommen"
},
{
"date": "2022-02-01T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-02-06T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-02-08T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-02-16T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-03-22T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von HCL aufgenommen"
},
{
"date": "2022-04-11T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-04-26T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2022-06-08T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-10-26T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-12-11T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Amazon aufgenommen"
}
],
"status": "final",
"version": "29"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Apache Struts",
"product": {
"name": "Apache Struts",
"product_id": "642",
"product_identification_helper": {
"cpe": "cpe:/a:apache:struts:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Apache log4j \u003c 2.3.2",
"product": {
"name": "Apache log4j \u003c 2.3.2",
"product_id": "T021443",
"product_identification_helper": {
"cpe": "cpe:/a:apache:log4j:2.3.2"
}
}
},
{
"category": "product_name",
"name": "Apache log4j \u003c 2.12.4",
"product": {
"name": "Apache log4j \u003c 2.12.4",
"product_id": "T021444",
"product_identification_helper": {
"cpe": "cpe:/a:apache:log4j:2.12.4"
}
}
},
{
"category": "product_name",
"name": "Apache log4j \u003c 2.17.1",
"product": {
"name": "Apache log4j \u003c 2.17.1",
"product_id": "T021445",
"product_identification_helper": {
"cpe": "cpe:/a:apache:log4j:2.17.1"
}
}
}
],
"category": "product_name",
"name": "log4j"
}
],
"category": "vendor",
"name": "Apache"
},
{
"branches": [
{
"category": "product_name",
"name": "Avaya Aura Application Enablement Services",
"product": {
"name": "Avaya Aura Application Enablement Services",
"product_id": "T015516",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Experience Portal",
"product": {
"name": "Avaya Aura Experience Portal",
"product_id": "T015519",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_experience_portal:-"
}
}
},
{
"category": "product_name",
"name": "Avaya one-X",
"product": {
"name": "Avaya one-X",
"product_id": "1024",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:one-x:-"
}
}
}
],
"category": "vendor",
"name": "Avaya"
},
{
"branches": [
{
"category": "product_name",
"name": "Cisco Application Policy Infrastructure Controller",
"product": {
"name": "Cisco Application Policy Infrastructure Controller",
"product_id": "778219",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:application_policy_infrastructure_controller:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Emergency Responder (ER) Director",
"product": {
"name": "Cisco Emergency Responder (ER) Director",
"product_id": "2040",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:emergency_responder:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Finesse Director",
"product": {
"name": "Cisco Finesse Director",
"product_id": "199167",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:finesse:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Firepower",
"product": {
"name": "Cisco Firepower",
"product_id": "T011337",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:firepower:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Identity Services Engine (ISE)",
"product": {
"name": "Cisco Identity Services Engine (ISE)",
"product_id": "T000612",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:identity_services_engine_software:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Integrated Management Controller Supervisor",
"product": {
"name": "Cisco Integrated Management Controller Supervisor",
"product_id": "T021487",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:integrated_management_controller:::supervisor"
}
}
},
{
"category": "product_name",
"name": "Cisco Network Services Orchestrator",
"product": {
"name": "Cisco Network Services Orchestrator",
"product_id": "T021358",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:network_services_orchestrator:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Cisco Nexus Dashboard",
"product": {
"name": "Cisco Nexus Dashboard",
"product_id": "T021249",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus:::dashboard"
}
}
},
{
"category": "product_name",
"name": "Cisco Nexus Insights",
"product": {
"name": "Cisco Nexus Insights",
"product_id": "T021357",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:nexus:insights"
}
}
}
],
"category": "product_name",
"name": "Nexus"
},
{
"category": "product_name",
"name": "Cisco SD-WAN vManage",
"product": {
"name": "Cisco SD-WAN vManage",
"product_id": "T018812",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:sd_wan:vmanage"
}
}
},
{
"category": "product_name",
"name": "Cisco Unified Communications Manager (CUCM) Director",
"product": {
"name": "Cisco Unified Communications Manager (CUCM) Director",
"product_id": "2142",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unified_communications_manager:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Unified Communications Manager IM \u0026 Presence Service Director",
"product": {
"name": "Cisco Unified Communications Manager IM \u0026 Presence Service Director",
"product_id": "915287",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unified_communications_manager_im_and_presence_service:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Cisco Unified Computing System (UCS)",
"product": {
"name": "Cisco Unified Computing System (UCS)",
"product_id": "163824",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:unified_computing_system:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Unified Computing System (UCS) Director",
"product": {
"name": "Cisco Unified Computing System (UCS) Director",
"product_id": "T017032",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:unified_computing_system:director_6.7.4.1"
}
}
}
],
"category": "product_name",
"name": "Unified Computing System (UCS)"
},
{
"category": "product_name",
"name": "Cisco Unified Contact Center Enterprise Director",
"product": {
"name": "Cisco Unified Contact Center Enterprise Director",
"product_id": "2143",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unified_contact_center_enterprise:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Unified Contact Center Express (UCCX) Director",
"product": {
"name": "Cisco Unified Contact Center Express (UCCX) Director",
"product_id": "915286",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unified_contact_center_express:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Unified Intelligence Center Director",
"product": {
"name": "Cisco Unified Intelligence Center Director",
"product_id": "T018811",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unified_intelligence_center:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Unity Connection Director",
"product": {
"name": "Cisco Unity Connection Director",
"product_id": "T002044",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:unity_connection:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Video Surveillance Operations Manager Director",
"product": {
"name": "Cisco Video Surveillance Operations Manager Director",
"product_id": "196088",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:video_surveillance_operations_manager:-"
}
}
},
{
"category": "product_name",
"name": "Cisco WebEx Meetings Server",
"product": {
"name": "Cisco WebEx Meetings Server",
"product_id": "T001160",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:webex_meetings_server:-"
}
}
}
],
"category": "vendor",
"name": "Cisco"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Intelligent Management Center (IMC)",
"product": {
"name": "HPE Intelligent Management Center (IMC)",
"product_id": "T001888",
"product_identification_helper": {
"cpe": "cpe:/a:hp:intelligent_management_center:-"
}
}
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM DB2",
"product": {
"name": "IBM DB2",
"product_id": "5104",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "IBM QRadar SIEM 7.5",
"product": {
"name": "IBM QRadar SIEM 7.5",
"product_id": "T022954",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5"
}
}
},
{
"category": "product_name",
"name": "IBM QRadar SIEM 7.4",
"product": {
"name": "IBM QRadar SIEM 7.4",
"product_id": "T024775",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.4"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
},
{
"category": "product_name",
"name": "IBM Rational Software Architect",
"product": {
"name": "IBM Rational Software Architect",
"product_id": "T005181",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_software_architect:-"
}
}
},
{
"category": "product_name",
"name": "IBM Security Guardium",
"product": {
"name": "IBM Security Guardium",
"product_id": "T021345",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:-"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Netcool/OMNIbus",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus",
"product_id": "T004181",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:-"
}
}
},
{
"category": "product_name",
"name": "IBM WebSphere Application Server",
"product": {
"name": "IBM WebSphere Application Server",
"product_id": "5198",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SOS GmbH JobScheduler",
"product": {
"name": "SOS GmbH JobScheduler",
"product_id": "T021263",
"product_identification_helper": {
"cpe": "cpe:/a:sos_gmbh:jobscheduler:-"
}
}
}
],
"category": "vendor",
"name": "SOS GmbH"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in Apache log4j. Bestimmte Nutzer-Eingaben werden nur ungen\u00fcgend validiert. Ein entfernter authentisierter Angreifer mit der Berechtigung zum \u00c4ndern der Protokollierungskonfigurationsdatei kann eine b\u00f6sartige Konfiguration mit einem JDBC-Appender mit einer Datenquelle erstellen, die auf einen JNDI-URI verweist. In der Folge kann Code zur Ausf\u00fchrung gebracht werden."
}
],
"product_status": {
"known_affected": [
"T001160",
"67646",
"T017032",
"T021358",
"T021357",
"T000612",
"T001888",
"T005181",
"199167",
"398363",
"163824",
"T015519",
"5198",
"T015516",
"T011337",
"2143",
"2142",
"2040",
"T022954",
"T021345",
"T021487",
"642",
"2951",
"T018811",
"1024",
"T000126",
"T018812",
"T021249",
"5104",
"778219",
"T004181",
"T024775",
"196088",
"915287",
"915286",
"T002044",
"T021263"
]
},
"release_date": "2021-12-28T23:00:00.000+00:00",
"title": "CVE-2021-44832"
}
]
}
WID-SEC-W-2023-1524
Vulnerability from csaf_certbund - Published: 2022-01-31 23:00 - Updated: 2023-06-20 22:00Summary
IBM Spectrum Protect Plus: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Spectrum Protect ist eine zentralisierte Backuplösung für Systeme im Netzwerk.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect Plus ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, seine Privilegien zu erweitern, Sicherheitsmaßnahmen zu umgehen und beliebigen Code auszuführen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Spectrum Protect ist eine zentralisierte Backupl\u00f6sung f\u00fcr Systeme im Netzwerk.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect Plus ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, seine Privilegien zu erweitern, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1524 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-1524.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1524 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1524"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7005589 vom 2023-06-21",
"url": "https://www.ibm.com/support/pages/node/7005589"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-01-31",
"url": "https://www.ibm.com/support/pages/node/6552186"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-01-31",
"url": "https://www.ibm.com/support/pages/node/6540860"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0735 vom 2022-03-03",
"url": "https://access.redhat.com/errata/RHSA-2022:0735"
}
],
"source_lang": "en-US",
"title": "IBM Spectrum Protect Plus: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-06-20T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:52:51.741+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1524",
"initial_release_date": "2022-01-31T23:00:00.000+00:00",
"revision_history": [
{
"date": "2022-01-31T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-03-03T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-06-20T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Spectrum Protect plus 10.1",
"product": {
"name": "IBM Spectrum Protect plus 10.1",
"product_id": "T015895",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:plus_10.1"
}
}
},
{
"category": "product_name",
"name": "IBM Spectrum Protect Plus \u003c 10.1.9.3",
"product": {
"name": "IBM Spectrum Protect Plus \u003c 10.1.9.3",
"product_id": "T021902",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:plus__10.1.9.3"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3733",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect Plus existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Python, Golang Go, MinIO und Apache Log4j. Ein entfernter anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, seine Privilegien zu erweitern, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"67646",
"T015895",
"T021902"
]
},
"release_date": "2022-01-31T23:00:00.000+00:00",
"title": "CVE-2021-3733"
},
{
"cve": "CVE-2021-3737",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect Plus existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Python, Golang Go, MinIO und Apache Log4j. Ein entfernter anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, seine Privilegien zu erweitern, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"67646",
"T015895",
"T021902"
]
},
"release_date": "2022-01-31T23:00:00.000+00:00",
"title": "CVE-2021-3737"
},
{
"cve": "CVE-2021-41771",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect Plus existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Python, Golang Go, MinIO und Apache Log4j. Ein entfernter anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, seine Privilegien zu erweitern, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"67646",
"T015895",
"T021902"
]
},
"release_date": "2022-01-31T23:00:00.000+00:00",
"title": "CVE-2021-41771"
},
{
"cve": "CVE-2021-41772",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect Plus existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Python, Golang Go, MinIO und Apache Log4j. Ein entfernter anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, seine Privilegien zu erweitern, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"67646",
"T015895",
"T021902"
]
},
"release_date": "2022-01-31T23:00:00.000+00:00",
"title": "CVE-2021-41772"
},
{
"cve": "CVE-2021-43858",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect Plus existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Python, Golang Go, MinIO und Apache Log4j. Ein entfernter anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, seine Privilegien zu erweitern, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"67646",
"T015895",
"T021902"
]
},
"release_date": "2022-01-31T23:00:00.000+00:00",
"title": "CVE-2021-43858"
},
{
"cve": "CVE-2021-44716",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect Plus existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Python, Golang Go, MinIO und Apache Log4j. Ein entfernter anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, seine Privilegien zu erweitern, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"67646",
"T015895",
"T021902"
]
},
"release_date": "2022-01-31T23:00:00.000+00:00",
"title": "CVE-2021-44716"
},
{
"cve": "CVE-2021-44717",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect Plus existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Python, Golang Go, MinIO und Apache Log4j. Ein entfernter anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, seine Privilegien zu erweitern, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"67646",
"T015895",
"T021902"
]
},
"release_date": "2022-01-31T23:00:00.000+00:00",
"title": "CVE-2021-44717"
},
{
"cve": "CVE-2021-44832",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect Plus existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Python, Golang Go, MinIO und Apache Log4j. Ein entfernter anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen, seine Privilegien zu erweitern, Sicherheitsma\u00dfnahmen zu umgehen und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"67646",
"T015895",
"T021902"
]
},
"release_date": "2022-01-31T23:00:00.000+00:00",
"title": "CVE-2021-44832"
}
]
}
WID-SEC-W-2023-0123
Vulnerability from csaf_certbund - Published: 2023-01-17 23:00 - Updated: 2023-01-17 23:00Summary
Oracle Siebel CRM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Siebel CRM ist eine CRM-Lösung von Oracle.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Siebel CRM ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Siebel CRM ist eine CRM-L\u00f6sung von Oracle.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Siebel CRM ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0123 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0123.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0123 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0123"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2023 - Appendix Oracle Siebel CRM vom 2023-01-17",
"url": "https://www.oracle.com/security-alerts/cpujan2023.html#AppendixSECR"
}
],
"source_lang": "en-US",
"title": "Oracle Siebel CRM: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-01-17T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:41:44.015+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0123",
"initial_release_date": "2023-01-17T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-01-17T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Siebel CRM \u003c= 22.10",
"product": {
"name": "Oracle Siebel CRM \u003c= 22.10",
"product_id": "T025891",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:siebel_crm:22.10"
}
}
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2274",
"notes": [
{
"category": "description",
"text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T025891"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-2274"
},
{
"cve": "CVE-2021-44832",
"notes": [
{
"category": "description",
"text": "In Oracle Siebel CRM existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"last_affected": [
"T025891"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2021-44832"
}
]
}
WID-SEC-W-2022-0169
Vulnerability from csaf_certbund - Published: 2022-04-19 22:00 - Updated: 2024-05-28 22:00Summary
Oracle MySQL: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
MySQL ist ein Open Source Datenbankserver von Oracle.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle MySQL ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
- MacOS X
- NetApp Appliance
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "MySQL ist ein Open Source Datenbankserver von Oracle.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle MySQL ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- NetApp Appliance\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0169 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0169.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0169 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0169"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5490-1 vom 2022-06-21",
"url": "https://ubuntu.com/security/notices/USN-5490-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:2003-1 vom 2022-06-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011247.html"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update April 2022 - Appendix Oracle MySQL vom 2022-04-19",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20220429-0005 vom 2022-04-29",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5400-1 vom 2022-05-03",
"url": "https://ubuntu.com/security/notices/USN-5400-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5400-2 vom 2022-05-04",
"url": "https://ubuntu.com/security/notices/USN-5400-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5400-3 vom 2022-05-05",
"url": "https://ubuntu.com/security/notices/USN-5400-3"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-098 vom 2022-07-21",
"url": "https://alas.aws.amazon.com/AL2022/ALAS-2022-098.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6306 vom 2022-09-01",
"url": "https://access.redhat.com/errata/RHSA-2022:6306"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6518 vom 2022-09-14",
"url": "https://access.redhat.com/errata/RHSA-2022:6518"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6590 vom 2022-09-21",
"url": "https://access.redhat.com/errata/RHSA-2022:6590"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-6590 vom 2022-09-22",
"url": "https://linux.oracle.com/errata/ELSA-2022-6590.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:1040-3 vom 2022-10-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-October/012505.html"
},
{
"category": "external",
"summary": "Juniper Security Bulletin",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-22-2R1-release"
},
{
"category": "external",
"summary": "Oracle Linux Bulletin-October 2022 vom 2022-10-18",
"url": "https://www.oracle.com/security-alerts/linuxbulletinoct2022.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7119 vom 2022-10-25",
"url": "https://access.redhat.com/errata/RHSA-2022:7119"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7119 vom 2022-10-27",
"url": "https://linux.oracle.com/errata/ELSA-2022-7119.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-165 vom 2022-11-04",
"url": "https://alas.aws.amazon.com/AL2022/ALAS-2022-165.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7464 vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7464"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7970 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:7970"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7970 vom 2022-11-22",
"url": "https://linux.oracle.com/errata/ELSA-2022-7970.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8860 vom 2022-12-08",
"url": "https://access.redhat.com/errata/RHSA-2022:8860"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8847 vom 2022-12-08",
"url": "https://access.redhat.com/errata/RHSA-2022:8847"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8893 vom 2022-12-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8893"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-1931 vom 2023-02-06",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1931.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-1676 vom 2023-02-06",
"url": "https://alas.aws.amazon.com/ALAS-2023-1676.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-1948 vom 2023-02-22",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1948.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3433 vom 2024-05-28",
"url": "https://access.redhat.com/errata/RHSA-2024:3433"
}
],
"source_lang": "en-US",
"title": "Oracle MySQL: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-05-28T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:27:04.345+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-0169",
"initial_release_date": "2022-04-19T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-04-19T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-05-01T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2022-05-03T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2022-05-04T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2022-05-05T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2022-06-07T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-06-21T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2022-07-20T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-09-01T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-09-14T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-09-20T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-09-21T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-10-06T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-10-12T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2022-10-18T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2022-10-25T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-10-26T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-11-06T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-11-08T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-15T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-21T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-12-07T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-12-15T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-02-06T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-02-22T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-05-28T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "26"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c22.2R1",
"product": {
"name": "Juniper Junos Space \u003c22.2R1",
"product_id": "T003343"
}
}
],
"category": "product_name",
"name": "Junos Space"
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T016960",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=8.0.29",
"product": {
"name": "Oracle MySQL \u003c=8.0.29",
"product_id": "T022871"
}
},
{
"category": "product_version_range",
"name": "\u003c=8.0.28",
"product": {
"name": "Oracle MySQL \u003c=8.0.28",
"product_id": "T022872"
}
},
{
"category": "product_version_range",
"name": "\u003c=5.7.37",
"product": {
"name": "Oracle MySQL \u003c=5.7.37",
"product_id": "T022873"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.4.35",
"product": {
"name": "Oracle MySQL \u003c=7.4.35",
"product_id": "T022874"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.5.25",
"product": {
"name": "Oracle MySQL \u003c=7.5.25",
"product_id": "T022875"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.6.21",
"product": {
"name": "Oracle MySQL \u003c=7.6.21",
"product_id": "T022876"
}
}
],
"category": "product_name",
"name": "MySQL"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift",
"product": {
"name": "Red Hat OpenShift",
"product_id": "367115",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-22570",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-22570"
},
{
"cve": "CVE-2021-41184",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-41184"
},
{
"cve": "CVE-2021-42340",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-42340"
},
{
"cve": "CVE-2021-44832",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2021-44832"
},
{
"cve": "CVE-2022-0778",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-21412",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21412"
},
{
"cve": "CVE-2022-21413",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21413"
},
{
"cve": "CVE-2022-21414",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21414"
},
{
"cve": "CVE-2022-21415",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21415"
},
{
"cve": "CVE-2022-21417",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21417"
},
{
"cve": "CVE-2022-21418",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21418"
},
{
"cve": "CVE-2022-21423",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21423"
},
{
"cve": "CVE-2022-21425",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21425"
},
{
"cve": "CVE-2022-21427",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21427"
},
{
"cve": "CVE-2022-21435",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21435"
},
{
"cve": "CVE-2022-21436",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21436"
},
{
"cve": "CVE-2022-21437",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21437"
},
{
"cve": "CVE-2022-21438",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21438"
},
{
"cve": "CVE-2022-21440",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21440"
},
{
"cve": "CVE-2022-21444",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21444"
},
{
"cve": "CVE-2022-21451",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21451"
},
{
"cve": "CVE-2022-21452",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21452"
},
{
"cve": "CVE-2022-21454",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21454"
},
{
"cve": "CVE-2022-21457",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21457"
},
{
"cve": "CVE-2022-21459",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21459"
},
{
"cve": "CVE-2022-21460",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21460"
},
{
"cve": "CVE-2022-21462",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21462"
},
{
"cve": "CVE-2022-21478",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21478"
},
{
"cve": "CVE-2022-21479",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21479"
},
{
"cve": "CVE-2022-21482",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21482"
},
{
"cve": "CVE-2022-21483",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21483"
},
{
"cve": "CVE-2022-21484",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21484"
},
{
"cve": "CVE-2022-21485",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21485"
},
{
"cve": "CVE-2022-21486",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21486"
},
{
"cve": "CVE-2022-21489",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21489"
},
{
"cve": "CVE-2022-21490",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-21490"
},
{
"cve": "CVE-2022-22965",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-22965"
},
{
"cve": "CVE-2022-23181",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-23181"
},
{
"cve": "CVE-2022-23305",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T003343",
"T002207",
"67646",
"T000126",
"367115",
"398363",
"T004914",
"T016960"
],
"last_affected": [
"T022873",
"T022874",
"T022875",
"T022876",
"T022871",
"T022872"
]
},
"release_date": "2022-04-19T22:00:00.000+00:00",
"title": "CVE-2022-23305"
}
]
}
WID-SEC-W-2023-0122
Vulnerability from csaf_certbund - Published: 2023-01-17 23:00 - Updated: 2023-01-17 23:00Summary
Oracle Supply Chain: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Die Oracle Supply Chain ist eine Sammlung von Applikationen für verschiedene Zwecke.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Supply Chain ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Oracle Supply Chain ist eine Sammlung von Applikationen f\u00fcr verschiedene Zwecke.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Supply Chain ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0122 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0122.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0122 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0122"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2023 - Appendix Oracle Supply Chain vom 2023-01-17",
"url": "https://www.oracle.com/security-alerts/cpujan2023.html#AppendixSCP"
}
],
"source_lang": "en-US",
"title": "Oracle Supply Chain: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-01-17T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:41:43.641+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0122",
"initial_release_date": "2023-01-17T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-01-17T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Supply Chain 9.3.6",
"product": {
"name": "Oracle Supply Chain 9.3.6",
"product_id": "T019052",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:9.3.6"
}
}
},
{
"category": "product_name",
"name": "Oracle Supply Chain 12.1",
"product": {
"name": "Oracle Supply Chain 12.1",
"product_id": "T019054",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:12.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Supply Chain 12.2",
"product": {
"name": "Oracle Supply Chain 12.2",
"product_id": "T019055",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:12.2"
}
}
},
{
"category": "product_name",
"name": "Oracle Supply Chain 12.2.11",
"product": {
"name": "Oracle Supply Chain 12.2.11",
"product_id": "T021721",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:12.2.11"
}
}
},
{
"category": "product_name",
"name": "Oracle Supply Chain \u003c 21.0.2.6",
"product": {
"name": "Oracle Supply Chain \u003c 21.0.2.6",
"product_id": "T025892",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:21.0.2.6"
}
}
},
{
"category": "product_name",
"name": "Oracle Supply Chain 12.2.7",
"product": {
"name": "Oracle Supply Chain 12.2.7",
"product_id": "T025893",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:12.2.7"
}
}
},
{
"category": "product_name",
"name": "Oracle Supply Chain 12.2.8",
"product": {
"name": "Oracle Supply Chain 12.2.8",
"product_id": "T025894",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:12.2.8"
}
}
},
{
"category": "product_name",
"name": "Oracle Supply Chain 12.2.9",
"product": {
"name": "Oracle Supply Chain 12.2.9",
"product_id": "T025895",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:12.2.9"
}
}
},
{
"category": "product_name",
"name": "Oracle Supply Chain 12.2.10",
"product": {
"name": "Oracle Supply Chain 12.2.10",
"product_id": "T025896",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:12.2.10"
}
}
},
{
"category": "product_name",
"name": "Oracle Supply Chain 12.2.12",
"product": {
"name": "Oracle Supply Chain 12.2.12",
"product_id": "T025897",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:12.2.12"
}
}
},
{
"category": "product_name",
"name": "Oracle Supply Chain \u003c 21.0.2.0",
"product": {
"name": "Oracle Supply Chain \u003c 21.0.2.0",
"product_id": "T025898",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:supply_chain:21.0.2.0"
}
}
}
],
"category": "product_name",
"name": "Supply Chain"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-21850",
"notes": [
{
"category": "description",
"text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021721",
"T019052",
"T025895",
"T025894",
"T019054",
"T025897",
"T025896",
"T019055",
"T025893"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2023-21850"
},
{
"cve": "CVE-2022-42252",
"notes": [
{
"category": "description",
"text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021721",
"T019052",
"T025895",
"T025894",
"T019054",
"T025897",
"T025896",
"T019055",
"T025893"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-42252"
},
{
"cve": "CVE-2022-34169",
"notes": [
{
"category": "description",
"text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021721",
"T019052",
"T025895",
"T025894",
"T019054",
"T025897",
"T025896",
"T019055",
"T025893"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-34169"
},
{
"cve": "CVE-2022-24839",
"notes": [
{
"category": "description",
"text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021721",
"T019052",
"T025895",
"T025894",
"T019054",
"T025897",
"T025896",
"T019055",
"T025893"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2022-24839"
},
{
"cve": "CVE-2021-44832",
"notes": [
{
"category": "description",
"text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021721",
"T019052",
"T025895",
"T025894",
"T019054",
"T025897",
"T025896",
"T019055",
"T025893"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2021-44832"
},
{
"cve": "CVE-2020-27844",
"notes": [
{
"category": "description",
"text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021721",
"T019052",
"T025895",
"T025894",
"T019054",
"T025897",
"T025896",
"T019055",
"T025893"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2020-27844"
},
{
"cve": "CVE-2019-7317",
"notes": [
{
"category": "description",
"text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021721",
"T019052",
"T025895",
"T025894",
"T019054",
"T025897",
"T025896",
"T019055",
"T025893"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2019-7317"
},
{
"cve": "CVE-2019-12415",
"notes": [
{
"category": "description",
"text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021721",
"T019052",
"T025895",
"T025894",
"T019054",
"T025897",
"T025896",
"T019055",
"T025893"
]
},
"release_date": "2023-01-17T23:00:00.000+00:00",
"title": "CVE-2019-12415"
}
]
}
OPENSUSE-SU-2021:4208-1
Vulnerability from csaf_opensuse - Published: 2021-12-30 11:56 - Updated: 2021-12-30 11:56Summary
Security update for log4j
Notes
Title of the patch
Security update for log4j
Description of the patch
This update for log4j fixes the following issues:
- CVE-2021-44832: Fixes a remote code execution via JDBC Appender (bsc#1194127)
Patchnames
openSUSE-SLE-15.3-2021-4208
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for log4j",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for log4j fixes the following issues:\n\n- CVE-2021-44832: Fixes a remote code execution via JDBC Appender (bsc#1194127)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-SLE-15.3-2021-4208",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_4208-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2021:4208-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QD3TW7GD6PF3ZSKL2TJG3Z462FFFLJND/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2021:4208-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QD3TW7GD6PF3ZSKL2TJG3Z462FFFLJND/"
},
{
"category": "self",
"summary": "SUSE Bug 1194127",
"url": "https://bugzilla.suse.com/1194127"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44832 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44832/"
}
],
"title": "Security update for log4j",
"tracking": {
"current_release_date": "2021-12-30T11:56:04Z",
"generator": {
"date": "2021-12-30T11:56:04Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2021:4208-1",
"initial_release_date": "2021-12-30T11:56:04Z",
"revision_history": [
{
"date": "2021-12-30T11:56:04Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "log4j-2.17.0-4.16.1.noarch",
"product": {
"name": "log4j-2.17.0-4.16.1.noarch",
"product_id": "log4j-2.17.0-4.16.1.noarch"
}
},
{
"category": "product_version",
"name": "log4j-javadoc-2.17.0-4.16.1.noarch",
"product": {
"name": "log4j-javadoc-2.17.0-4.16.1.noarch",
"product_id": "log4j-javadoc-2.17.0-4.16.1.noarch"
}
},
{
"category": "product_version",
"name": "log4j-jcl-2.17.0-4.16.1.noarch",
"product": {
"name": "log4j-jcl-2.17.0-4.16.1.noarch",
"product_id": "log4j-jcl-2.17.0-4.16.1.noarch"
}
},
{
"category": "product_version",
"name": "log4j-slf4j-2.17.0-4.16.1.noarch",
"product": {
"name": "log4j-slf4j-2.17.0-4.16.1.noarch",
"product_id": "log4j-slf4j-2.17.0-4.16.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-2.17.0-4.16.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:log4j-2.17.0-4.16.1.noarch"
},
"product_reference": "log4j-2.17.0-4.16.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-javadoc-2.17.0-4.16.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:log4j-javadoc-2.17.0-4.16.1.noarch"
},
"product_reference": "log4j-javadoc-2.17.0-4.16.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-jcl-2.17.0-4.16.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:log4j-jcl-2.17.0-4.16.1.noarch"
},
"product_reference": "log4j-jcl-2.17.0-4.16.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-slf4j-2.17.0-4.16.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:log4j-slf4j-2.17.0-4.16.1.noarch"
},
"product_reference": "log4j-slf4j-2.17.0-4.16.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44832"
}
],
"notes": [
{
"category": "general",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:log4j-2.17.0-4.16.1.noarch",
"openSUSE Leap 15.3:log4j-javadoc-2.17.0-4.16.1.noarch",
"openSUSE Leap 15.3:log4j-jcl-2.17.0-4.16.1.noarch",
"openSUSE Leap 15.3:log4j-slf4j-2.17.0-4.16.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44832",
"url": "https://www.suse.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "SUSE Bug 1194127 for CVE-2021-44832",
"url": "https://bugzilla.suse.com/1194127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:log4j-2.17.0-4.16.1.noarch",
"openSUSE Leap 15.3:log4j-javadoc-2.17.0-4.16.1.noarch",
"openSUSE Leap 15.3:log4j-jcl-2.17.0-4.16.1.noarch",
"openSUSE Leap 15.3:log4j-slf4j-2.17.0-4.16.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:log4j-2.17.0-4.16.1.noarch",
"openSUSE Leap 15.3:log4j-javadoc-2.17.0-4.16.1.noarch",
"openSUSE Leap 15.3:log4j-jcl-2.17.0-4.16.1.noarch",
"openSUSE Leap 15.3:log4j-slf4j-2.17.0-4.16.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-12-30T11:56:04Z",
"details": "moderate"
}
],
"title": "CVE-2021-44832"
}
]
}
OPENSUSE-SU-2022:0002-1
Vulnerability from csaf_opensuse - Published: 2022-01-02 17:01 - Updated: 2022-01-02 17:01Summary
Security update for log4j
Notes
Title of the patch
Security update for log4j
Description of the patch
This update for log4j fixes the following issues:
- CVE-2021-44832: Fixes a remote code execution via JDBC Appender (bsc#1194127)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patchnames
openSUSE-2022-2
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for log4j",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for log4j fixes the following issues:\n\n- CVE-2021-44832: Fixes a remote code execution via JDBC Appender (bsc#1194127)\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2022-2",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_0002-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2022:0002-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YBITTL424FAEN3BI2PM3NGBMPREUS3P4/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2022:0002-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YBITTL424FAEN3BI2PM3NGBMPREUS3P4/"
},
{
"category": "self",
"summary": "SUSE Bug 1194127",
"url": "https://bugzilla.suse.com/1194127"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44832 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44832/"
}
],
"title": "Security update for log4j",
"tracking": {
"current_release_date": "2022-01-02T17:01:06Z",
"generator": {
"date": "2022-01-02T17:01:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2022:0002-1",
"initial_release_date": "2022-01-02T17:01:06Z",
"revision_history": [
{
"date": "2022-01-02T17:01:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "log4j-2.17.0-lp152.3.15.1.noarch",
"product": {
"name": "log4j-2.17.0-lp152.3.15.1.noarch",
"product_id": "log4j-2.17.0-lp152.3.15.1.noarch"
}
},
{
"category": "product_version",
"name": "log4j-javadoc-2.17.0-lp152.3.15.1.noarch",
"product": {
"name": "log4j-javadoc-2.17.0-lp152.3.15.1.noarch",
"product_id": "log4j-javadoc-2.17.0-lp152.3.15.1.noarch"
}
},
{
"category": "product_version",
"name": "log4j-jcl-2.17.0-lp152.3.15.1.noarch",
"product": {
"name": "log4j-jcl-2.17.0-lp152.3.15.1.noarch",
"product_id": "log4j-jcl-2.17.0-lp152.3.15.1.noarch"
}
},
{
"category": "product_version",
"name": "log4j-slf4j-2.17.0-lp152.3.15.1.noarch",
"product": {
"name": "log4j-slf4j-2.17.0-lp152.3.15.1.noarch",
"product_id": "log4j-slf4j-2.17.0-lp152.3.15.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-2.17.0-lp152.3.15.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:log4j-2.17.0-lp152.3.15.1.noarch"
},
"product_reference": "log4j-2.17.0-lp152.3.15.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-javadoc-2.17.0-lp152.3.15.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:log4j-javadoc-2.17.0-lp152.3.15.1.noarch"
},
"product_reference": "log4j-javadoc-2.17.0-lp152.3.15.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-jcl-2.17.0-lp152.3.15.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:log4j-jcl-2.17.0-lp152.3.15.1.noarch"
},
"product_reference": "log4j-jcl-2.17.0-lp152.3.15.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-slf4j-2.17.0-lp152.3.15.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:log4j-slf4j-2.17.0-lp152.3.15.1.noarch"
},
"product_reference": "log4j-slf4j-2.17.0-lp152.3.15.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44832"
}
],
"notes": [
{
"category": "general",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:log4j-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-javadoc-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-jcl-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-slf4j-2.17.0-lp152.3.15.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44832",
"url": "https://www.suse.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "SUSE Bug 1194127 for CVE-2021-44832",
"url": "https://bugzilla.suse.com/1194127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:log4j-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-javadoc-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-jcl-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-slf4j-2.17.0-lp152.3.15.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:log4j-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-javadoc-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-jcl-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-slf4j-2.17.0-lp152.3.15.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-01-02T17:01:06Z",
"details": "moderate"
}
],
"title": "CVE-2021-44832"
}
]
}
OPENSUSE-SU-2024:11702-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
log4j-2.17.1-1.1 on GA media
Notes
Title of the patch
log4j-2.17.1-1.1 on GA media
Description of the patch
These are all security issues fixed in the log4j-2.17.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11702
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "log4j-2.17.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the log4j-2.17.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11702",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11702-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44832 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44832/"
}
],
"title": "log4j-2.17.1-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11702-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "log4j-2.17.1-1.1.aarch64",
"product": {
"name": "log4j-2.17.1-1.1.aarch64",
"product_id": "log4j-2.17.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "log4j-javadoc-2.17.1-1.1.aarch64",
"product": {
"name": "log4j-javadoc-2.17.1-1.1.aarch64",
"product_id": "log4j-javadoc-2.17.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "log4j-jcl-2.17.1-1.1.aarch64",
"product": {
"name": "log4j-jcl-2.17.1-1.1.aarch64",
"product_id": "log4j-jcl-2.17.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "log4j-slf4j-2.17.1-1.1.aarch64",
"product": {
"name": "log4j-slf4j-2.17.1-1.1.aarch64",
"product_id": "log4j-slf4j-2.17.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "log4j-2.17.1-1.1.ppc64le",
"product": {
"name": "log4j-2.17.1-1.1.ppc64le",
"product_id": "log4j-2.17.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "log4j-javadoc-2.17.1-1.1.ppc64le",
"product": {
"name": "log4j-javadoc-2.17.1-1.1.ppc64le",
"product_id": "log4j-javadoc-2.17.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "log4j-jcl-2.17.1-1.1.ppc64le",
"product": {
"name": "log4j-jcl-2.17.1-1.1.ppc64le",
"product_id": "log4j-jcl-2.17.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "log4j-slf4j-2.17.1-1.1.ppc64le",
"product": {
"name": "log4j-slf4j-2.17.1-1.1.ppc64le",
"product_id": "log4j-slf4j-2.17.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "log4j-2.17.1-1.1.s390x",
"product": {
"name": "log4j-2.17.1-1.1.s390x",
"product_id": "log4j-2.17.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "log4j-javadoc-2.17.1-1.1.s390x",
"product": {
"name": "log4j-javadoc-2.17.1-1.1.s390x",
"product_id": "log4j-javadoc-2.17.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "log4j-jcl-2.17.1-1.1.s390x",
"product": {
"name": "log4j-jcl-2.17.1-1.1.s390x",
"product_id": "log4j-jcl-2.17.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "log4j-slf4j-2.17.1-1.1.s390x",
"product": {
"name": "log4j-slf4j-2.17.1-1.1.s390x",
"product_id": "log4j-slf4j-2.17.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "log4j-2.17.1-1.1.x86_64",
"product": {
"name": "log4j-2.17.1-1.1.x86_64",
"product_id": "log4j-2.17.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "log4j-javadoc-2.17.1-1.1.x86_64",
"product": {
"name": "log4j-javadoc-2.17.1-1.1.x86_64",
"product_id": "log4j-javadoc-2.17.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "log4j-jcl-2.17.1-1.1.x86_64",
"product": {
"name": "log4j-jcl-2.17.1-1.1.x86_64",
"product_id": "log4j-jcl-2.17.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "log4j-slf4j-2.17.1-1.1.x86_64",
"product": {
"name": "log4j-slf4j-2.17.1-1.1.x86_64",
"product_id": "log4j-slf4j-2.17.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-2.17.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-2.17.1-1.1.aarch64"
},
"product_reference": "log4j-2.17.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-2.17.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-2.17.1-1.1.ppc64le"
},
"product_reference": "log4j-2.17.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-2.17.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-2.17.1-1.1.s390x"
},
"product_reference": "log4j-2.17.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-2.17.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-2.17.1-1.1.x86_64"
},
"product_reference": "log4j-2.17.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-javadoc-2.17.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.aarch64"
},
"product_reference": "log4j-javadoc-2.17.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-javadoc-2.17.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.ppc64le"
},
"product_reference": "log4j-javadoc-2.17.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-javadoc-2.17.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.s390x"
},
"product_reference": "log4j-javadoc-2.17.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-javadoc-2.17.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.x86_64"
},
"product_reference": "log4j-javadoc-2.17.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-jcl-2.17.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.aarch64"
},
"product_reference": "log4j-jcl-2.17.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-jcl-2.17.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.ppc64le"
},
"product_reference": "log4j-jcl-2.17.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-jcl-2.17.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.s390x"
},
"product_reference": "log4j-jcl-2.17.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-jcl-2.17.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.x86_64"
},
"product_reference": "log4j-jcl-2.17.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-slf4j-2.17.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.aarch64"
},
"product_reference": "log4j-slf4j-2.17.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-slf4j-2.17.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.ppc64le"
},
"product_reference": "log4j-slf4j-2.17.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-slf4j-2.17.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.s390x"
},
"product_reference": "log4j-slf4j-2.17.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-slf4j-2.17.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.x86_64"
},
"product_reference": "log4j-slf4j-2.17.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44832"
}
],
"notes": [
{
"category": "general",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:log4j-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44832",
"url": "https://www.suse.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "SUSE Bug 1194127 for CVE-2021-44832",
"url": "https://bugzilla.suse.com/1194127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:log4j-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:log4j-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-44832"
}
]
}
GHSA-8489-44MV-GGJ8
Vulnerability from github – Published: 2022-01-04 16:14 – Updated: 2025-05-09 12:33
VLAI?
Summary
Improper Input Validation and Injection in Apache Log4j2
Details
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to an attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
Affected packages
Only the org.apache.logging.log4j:log4j-core package is directly affected by this vulnerability. The org.apache.logging.log4j:log4j-api should be kept at the same version as the org.apache.logging.log4j:log4j-core package to ensure compatability if in use.
This issue does not impact default configurations of Log4j2 and requires an attacker to have control over the Log4j2 configuration, which reduces the likelihood of being exploited.
Severity ?
6.6 (Medium)
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.logging.log4j:log4j-core"
},
"ranges": [
{
"events": [
{
"introduced": "2.0-beta7"
},
{
"fixed": "2.3.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.logging.log4j:log4j-core"
},
"ranges": [
{
"events": [
{
"introduced": "2.4"
},
{
"fixed": "2.12.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.logging.log4j:log4j-core"
},
"ranges": [
{
"events": [
{
"introduced": "2.13.0"
},
{
"fixed": "2.17.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.ops4j.pax.logging:pax-logging-log4j2"
},
"ranges": [
{
"events": [
{
"introduced": "1.8.0"
},
{
"fixed": "1.9.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.ops4j.pax.logging:pax-logging-log4j2"
},
"ranges": [
{
"events": [
{
"introduced": "1.10.0"
},
{
"fixed": "1.10.9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.ops4j.pax.logging:pax-logging-log4j2"
},
"ranges": [
{
"events": [
{
"introduced": "1.11.0"
},
{
"fixed": "1.11.13"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.ops4j.pax.logging:pax-logging-log4j2"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.0"
},
{
"fixed": "2.0.14"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-44832"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-74"
],
"github_reviewed": true,
"github_reviewed_at": "2021-12-28T21:14:19Z",
"nvd_published_at": "2021-12-28T20:15:00Z",
"severity": "MODERATE"
},
"details": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to an attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.\n\n\n# Affected packages\nOnly the `org.apache.logging.log4j:log4j-core` package is directly affected by this vulnerability. The `org.apache.logging.log4j:log4j-api` should be kept at the same version as the `org.apache.logging.log4j:log4j-core` package to ensure compatability if in use.\n\nThis issue does not impact default configurations of Log4j2 and requires an attacker to have control over the Log4j2 configuration, which reduces the likelihood of being exploited.",
"id": "GHSA-8489-44mv-ggj8",
"modified": "2025-05-09T12:33:01Z",
"published": "2022-01-04T16:14:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/logging-log4j2"
},
{
"type": "WEB",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20220104-0001"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/12/28/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Improper Input Validation and Injection in Apache Log4j2"
}
CERTFR-2021-ALE-022
Vulnerability from certfr_alerte - Published: - Updated:
Une vulnérabilité a été découverte dans la bibliothèque de journalisation Apache log4j. Cette bibliothèque est très souvent utilisée dans les projets de développement d'application Java/J2EE ainsi que par les éditeurs de solutions logicielles sur étagère basées sur Java/J2EE.
Cette vulnérabilité permet à un attaquant de provoquer une exécution de code arbitraire à distance s'il a la capacité de soumettre une donnée à une application qui utilise la bibliothèque log4j pour journaliser l'évènement. Cette attaque peut être réalisée sans être authentifié, par exemple en tirant parti d'une page d'authentification qui journalise les erreurs d'authentification.
Des preuves de concept ont déjà été publiées. Cette vulnérabilité fait désormais l'objet d'une exploitation active.
Détection
Le CERT-FR recommande de réaliser une analyse approfondie des journaux réseau. Les motifs suivants permettent d'identifier une tentative d'exploitation de cette vulnérabilité lorsqu'ils sont utilisés dans les URLs ou certaines en-têtes HTTP comme *user-agent* : > > > > > > > \${jndi: > > > > > > > > \$%7Bjndi: (prend en compte un obscurcissement simple) > > > > > > > > Cependant, les attaquants peuvent utiliser des moyens d’obscurcissement pour contourner les motifs de détection précédents. Les motifs suivants permettent de prendre en compte certaines méthodes d'obscurcissement mais peuvent provoquer des faux positifs :Afin de déterminer si une tentative d'exploitation a réussi, et dans le cas où vous disposeriez de journaux contenant des requêtes DNS, il est recommandé de les corréler aux résultats des motifs précédemment énoncés. En effet, si l’exécution d'une requête de type *\${jndi:xxx://nom.domaine.com}* a fonctionné, une résolution DNS sera alors effectuée pour résoudre le nom de domaine externe *nom*.*domaine.com*. L'émission d'une requête DNS peut également faire l'objet d'une trace dans les journaux du serveur applicatif. Ainsi, il peut être utile de chercher le motif *com.sun.jndi.dns.DnsContext@* dans ces journaux. Note : une résolution de domaine externe ne signifie pas qu'une exécution de code a réussi mais permet de confirmer que l'application est vulnérable. Il sera donc nécessaire de poursuivre l'analyse des journaux pour détecter une compromission. En complément des informations ci-dessus, une requête de type *\${jndi:dns://serveur_dns/enregistrement_TXT}* est également utilisable par l'attaquant pour tester la présence de la vulnérabilité. Il est également intéressant de rechercher les motifs suivants dans les fichiers journaux des applications :\${\${
\${::-
%24%7B%3A%3A-
\${env:
\${date:
\${lower:
\${upper:
hostName}
}\${
\${ (génère beaucoup de faux positifs, mais très exhaustif)
- le motif com.sun.jndi.ldap.LdapCtx@ (et non pas com.sun.jndi.dns.DnsContext@ comme indiqué précédemment) apparaîtra lorsqu'une injection LDAP est utilisée pour récupérer du contenu qui ne serait pas un objet java au standard rfc2713 : il peut s'agir d'un scan de détection ou d'une tentative erronée d'un attaquant
- l'injection sera enregistrée dans les journaux telle qu'elle a été soumise par l'attaquant si le serveur LDAP n'est pas joignable ou si l'objet qu'il souhaitait télécharger n'est pas trouvé sur le serveur LDAP : il est donc possible de trouver des tentatives d'injection sous une forme obscurcie dans les journaux, les motifs précédemment listés peuvent donc être utilisés pour identifier toutes les tentatives
- une erreur contenant le motif "Reference Class Name:" suivi d'un nom de classe puis des lignes commençant par "Type:" et "Content:" peut apparaître dans les journaux si l'injection LDAP fonctionne mais que la classe contenant la charge utile ne peut pas être récupérée sur le serveur LDAP visé
- il peut être intéressant de chercher des injections en DNS et LDAP
basées sur la classe JavaLookup tels que \${java:hw},
\${java:vm} et \${java:os}. Ces dernières sont utilisées par les
attaquants pour obtenir des informations sur la machine ciblée.*
*
[Mise à jour du 07 janvier 2022] Le CERT-FR propose au téléchargement un ensemble de règles de détection basées sur la syntaxe utilisée par l'outil suricata. Ces règles peuvent être mises en œuvre, après adaptation, sur un équipement de détection réseau ou un pare-feu applicatif. Un guide de mise en œuvre est également proposé.
### Précisions sur les CVE-2021-45046 et CVE-2021-45105 La version 2.15.0 recommandée jusqu'à présent est affectée par une autre vulnérabilité, désignée par l'identifiant CVE-2021-45046 \[4\]. Cette vulnérabilité permet à un attaquant non authentifié d'effectuer un déni de service. Par ailleurs, des chercheurs ont mis en évidence la possibilité d'exfiltrer des données dans certaines configurations non détaillées. Par ailleurs, les versions 2.16.0 et 2.12.2 sont affectées par une nouvelle vulnérabilité, désignée par l'identifiant CVE-2021-45105 \[5\], qui permet de provoquer un déni de service à distance. ### Précisions sur la CVE-2021-44832 La version 2.17.0 recommandée jusqu'à présent est affectée par une vulnérabilité, désignée par l'identifiant CVE-2021-44832 \[6\]. Cette vulnérabilité permet à un attaquant, autorisé à modifier le fichier de configuration Log4J, d'effectuer une exécution de code à distance. La complexité de l'attaque étant élevée, le CERT-FR continue de recommander la mise à jour des composants Log4j à la version 2.17.0 pour java 8 et 2.12.3 pour java7. Par ailleurs, il est fortement recommandé de rester attentif aux nouvelles vulnérabilités Log4j qui pourraient être identifiées à l'avenir ainsi qu'aux correctifs proposés par Apache. ### Précisions sur les modes d'attaque Il convient également de noter que des techniques permettent d'exploiter la vulnérabilité localement sans recourir à un serveur tiers malveillant. L'attaquant peut injecter un code malveillant dans la requête initiale s'il a suffisamment d'informations sur l'application vulnérable qu'il cible. Cette attaque requiert donc une première phase de reconnaissance et de collecte de données. Cette phase est possible tant que n'ont pas été appliqués : d'une part, un filtrage réseau adéquat et d'autre part, le correctif ou, à défaut, les mesures de contournement. Il est donc important de disposer des journaux de ces environnements pour rechercher des éventuelles traces d'exfiltration de données. Les moyens de détection précédemment peuvent être utilisés à cette fin. Pour rappel : une application utilisant une version non vulnérable de log4j peut transmettre des données à une autre application qui utilise une version vulnérable de cette bibliothèque. L’attaquant pourra exploiter la vulnérabilité dans la seconde application en soumettant une donnée malveillante via la première. Par conséquent, le CERT-FR recommande de ne pas limiter l'identification de la vulnérabilité aux seules applications exposées sur Internet, mais également aux applications internes. L'utilisation d'outils tels que ceux listés ci-dessous facilitera leur identification.Contournement provisoire
La version 1 de log4j a été initialement déclarée vulnérable cependant la vulnérabilité n'existe que si le composant JMS Appender est configuré pour prendre en compte JNDI. Il s'agit donc d'une configuration très spécifique [1][3].
Il est recommandé d'utiliser une version à jour de l'environnement d'exécution Java (les versions 8u191 et ultérieures apportent des restrictions pour les appels JNDI basés sur LDAP et RMI), cependant les codes d'exploitation les plus récents sont en mesure de contourner ces protections pour continuer d'exploiter la vulnérabilité.
La mise en place de filtres au niveau de vos pare-feux applicatifs pour bloquer les tentatives d'exploitation de cette vulnérabilité peut constituer une première mesure d'urgence mais elle reste insuffisante : les attaquants utilisent différentes techniques d'obscurcissement des données injectées pour contourner ces filtres.
Les contournements proposés initialement ne permettent plus de se prémunir contre certaines formes d'exploitation. Face à la possibilité que d'autres exploitations soient encore découvertes y compris pour la version 2.15.0, le CERT-FR recommande d'utiliser les versions les plus à jour de la bibliothèque.
En cas d'impossibilité de migration, il reste possible de supprimer la classe Java vulnérable. Cette opération impose de tester le fonctionnement de l'application afin d'identifier les impacts de la modification sur son fonctionnement.
Cette suppression peut par exemple être effectuée avec la commande suivante : zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class
Outillage
- Des outils de recherche de la bibliothèque Log4j sont proposés par le **CERT/CC** (non qualifiés par le CERT-FR) : - Le site du **NCSC-NL** recense également des outils, qui n'ont pas été qualifiés par le NCSC-NL ni par le CERT-FR : - La **CISA** a publié un scanner basé sur des outils issus de la communauté open-source :Solution
Il est fortement recommandé aux utilisateurs d'applications ou de logiciels sur étagère basés sur la technologie Java/J2EE :
- de conserver les journaux a minima depuis le 1er décembre 2021 à des fins d'analyse ultérieure ;
- de préparer sans délai des mesures de préservation en cas d'incident majeur, notamment par la mise hors ligne de sauvegardes à jour ;
- de filtrer et de journaliser les flux sortants des serveurs pour les limiter aux seuls flux autorisés vers des services de confiance ;
- de prendre contact avec le développeur ou l'éditeur pour vérifier s'ils sont exposés à cette vulnérabilité et si un correctif est disponible.
Il est fortement recommandé aux développeurs/éditeurs :
- d'inventorier les solutions affectées par les vulnérabilités ;
- d'informer les utilisateurs et clients de leurs statuts et des actions en cours ;
- de corriger les solutions en utilisant à minima la version 2.17.0 pour java 8 ou la version 2.12.3 pour java 7 et idéalement la version 2.17.1 pour java 8 ou la version 2.12.4 pour java 7 ;
- de fournir une nouvelle version de leurs solutions dans les plus brefs délais.
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
La mise à jour d’un produit ou d’un logiciel est une opération délicate qui doit être menée avec prudence. Il est notamment recommandé d’effectuer des tests autant que possible. Des dispositions doivent également être prises pour garantir la continuité de service en cas de difficultés lors de l’application des mises à jour comme des correctifs ou des changements de version.
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apache | N/A | Apache Log4j versions 2.0 à 2.14.1 | ||
| Apache | N/A | Apache Log4j versions 1.x (versions obsolètes) sous réserve d'une configuration particulière, cf. ci-dessous | ||
| Apache | N/A | Apache Log4j version 2.15.0 | ||
| Apache | N/A | Les produits utilisant une version vulnérable de Apache Log4j : les CERT nationaux européens tiennent à jour une liste complète des produits et de leur statut vis-à-vis de la vulnérabilité [2] | ||
| Apache | N/A | Apache Log4j versions 2.16.0 et 2.12.2 (java 7) |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Apache Log4j versions 2.0 \u00e0 2.14.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apache",
"scada": false
}
}
},
{
"description": "Apache Log4j versions 1.x (versions obsol\u00e8tes) sous r\u00e9serve d\u0027une configuration particuli\u00e8re, cf. ci-dessous",
"product": {
"name": "N/A",
"vendor": {
"name": "Apache",
"scada": false
}
}
},
{
"description": "Apache Log4j version 2.15.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Apache",
"scada": false
}
}
},
{
"description": "Les produits utilisant une version vuln\u00e9rable de Apache Log4j : les CERT nationaux europ\u00e9ens tiennent \u00e0 jour une liste compl\u00e8te des produits et de leur statut vis-\u00e0-vis de la vuln\u00e9rabilit\u00e9 [2]",
"product": {
"name": "N/A",
"vendor": {
"name": "Apache",
"scada": false
}
}
},
{
"description": "Apache Log4j versions 2.16.0 et 2.12.2 (java 7)",
"product": {
"name": "N/A",
"vendor": {
"name": "Apache",
"scada": false
}
}
}
],
"affected_systems_content": "",
"closed_at": "2022-05-04",
"content": "## Contournement provisoire\n\nLa version 1 de log4j a \u00e9t\u00e9 initialement d\u00e9clar\u00e9e vuln\u00e9rable cependant\nla vuln\u00e9rabilit\u00e9 n\u0027existe que si le composant *JMS Appender* est\nconfigur\u00e9 pour prendre en compte *JNDI*. Il s\u0027agit donc d\u0027une\nconfiguration tr\u00e8s sp\u00e9cifique \\[1\\]\\[3\\].\n\nIl est recommand\u00e9 d\u0027utiliser une version \u00e0 jour de l\u0027environnement\nd\u0027ex\u00e9cution Java (les versions 8u191 et ult\u00e9rieures apportent des\nrestrictions pour les appels JNDI bas\u00e9s sur LDAP et RMI), cependant les\ncodes d\u0027exploitation les plus r\u00e9cents sont en mesure de contourner ces\nprotections pour continuer d\u0027exploiter la vuln\u00e9rabilit\u00e9.\n\n\u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\nclass=\"mx_EventTile_body\" dir=\"auto\"\u003eLa mise en place de filtres au\nniveau de vos pare-feux applicatifs pour bloquer les tentatives\nd\u0027exploitation de cette vuln\u00e9rabilit\u00e9 peut constituer une premi\u00e8re\nmesure d\u0027urgence mais elle reste insuffisante : les attaquants utilisent\ndiff\u00e9rentes techniques d\u0027obscurcissement des donn\u00e9es inject\u00e9es pour\ncontourner ces filtres. \u003c/span\u003e\u003c/span\u003e\n\n**Les contournements propos\u00e9s initialement ne permettent plus de se\npr\u00e9munir contre certaines formes d\u0027exploitation. Face \u00e0 la possibilit\u00e9\nque d\u0027autres exploitations soient encore d\u00e9couvertes y compris pour la\nversion 2.15.0, le CERT-FR recommande d\u0027utiliser les versions les plus \u00e0\njour de la biblioth\u00e8que.**\n\nEn cas d\u0027impossibilit\u00e9 de migration, il reste possible de **supprimer la\nclasse Java vuln\u00e9rable**. Cette op\u00e9ration impose de tester le\nfonctionnement de l\u0027application afin d\u0027identifier les impacts de la\nmodification sur son fonctionnement.\n\nCette suppression peut par exemple \u00eatre effectu\u00e9e avec la commande\nsuivante : *zip -q -d log4j-core-\\*.jar\norg/apache/logging/log4j/core/lookup/JndiLookup.class*\n\n### Outillage\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n- Des outils de recherche de la biblioth\u00e8que Log4j sont propos\u00e9s par\n le **CERT/CC** (non qualifi\u00e9s par le CERT-FR) :\n \u003chttps://github.com/CERTCC/CVE-2021-44228_scanner\u003e\n- Le site du **NCSC-NL** recense \u00e9galement des outils, qui n\u0027ont pas\n \u00e9t\u00e9 qualifi\u00e9s par le NCSC-NL ni par le CERT-FR :\n \u003chttps://github.com/NCSC-NL/log4shell/tree/main/scanning\u003e\n- La **CISA** a publi\u00e9 un scanner bas\u00e9 sur des outils issus de la\n communaut\u00e9 open-source : \u003chttps://github.com/cisagov/log4j-scanner\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003c/div\u003e\n\n## Solution\n\nIl est fortement recommand\u00e9 \u003cu\u003eaux utilisateurs\u003c/u\u003e d\u0027applications ou de\nlogiciels sur \u00e9tag\u00e8re bas\u00e9s sur la technologie Java/J2EE :\n\n- de conserver les journaux a minima depuis le 1er d\u00e9cembre 2021 \u00e0 des\n fins d\u0027analyse ult\u00e9rieure ;\n- de pr\u00e9parer sans d\u00e9lai des mesures de pr\u00e9servation en cas d\u0027incident\n majeur, notamment par la mise hors ligne de sauvegardes \u00e0 jour ;\n- de filtrer et de journaliser les flux sortants des serveurs pour les\n limiter aux seuls flux autoris\u00e9s vers des services de confiance ;\n- de prendre contact avec le d\u00e9veloppeur ou l\u0027\u00e9diteur pour v\u00e9rifier\n s\u0027ils sont expos\u00e9s \u00e0 cette vuln\u00e9rabilit\u00e9 et si un correctif est\n disponible.\n\nIl est fortement recommand\u00e9 aux \u003cu\u003ed\u00e9veloppeurs/\u00e9diteurs\u003c/u\u003e :\n\n- d\u0027inventorier les solutions affect\u00e9es par les vuln\u00e9rabilit\u00e9s ;\n- d\u0027informer les utilisateurs et clients de leurs statuts et des\n actions en cours ;\n- de corriger les solutions en utilisant **\u00e0 minima la version 2.17.0\n pour java 8** ou **la version 2.12.3 pour java 7** et **id\u00e9alement\n la version 2.17.1 pour java 8** ou **la version 2.12.4 pour java 7**\n ;\n- de fournir une nouvelle version de leurs solutions dans les plus\n brefs d\u00e9lais.\n\n\u00a0\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\n\u00a0\n\n------------------------------------------------------------------------\n\nLa mise \u00e0 jour d\u2019un produit ou d\u2019un logiciel est une op\u00e9ration d\u00e9licate\nqui doit \u00eatre men\u00e9e avec prudence. Il est notamment recommand\u00e9\nd\u2019effectuer des tests autant que possible. Des dispositions doivent\n\u00e9galement \u00eatre prises pour garantir la continuit\u00e9 de service en cas de\ndifficult\u00e9s lors de l\u2019application des mises \u00e0 jour comme des correctifs\nou des changements de version.\n\n",
"cves": [
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
}
],
"links": [
{
"title": "[6] R\u00e9f\u00e9rence CVE CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"title": "[1]",
"url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126"
},
{
"title": "[5] R\u00e9f\u00e9rence CVE CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"title": "[4] R\u00e9f\u00e9rence CVE CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"title": "[2] liste des produits et de leurs statuts vis-\u00e0-vis de la vuln\u00e9rabilit\u00e9",
"url": "https://github.com/NCSC-NL/log4shell/tree/main/software"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Apache du 09 d\u00e9cembre 2021",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"title": "[3] R\u00e9f\u00e9rence CVE CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
}
],
"reference": "CERTFR-2021-ALE-022",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-12-10T00:00:00.000000"
},
{
"description": "Compl\u00e9ment concernant les versions vuln\u00e9rables",
"revision_date": "2021-12-12T00:00:00.000000"
},
{
"description": "compl\u00e9ment concernant la jre",
"revision_date": "2021-12-12T00:00:00.000000"
},
{
"description": "ajout d\u0027aide \u00e0 la d\u00e9tection, note sur l\u0027utilisation des pare-feux applicatifs, compl\u00e9ment sur les solutions.",
"revision_date": "2021-12-14T00:00:00.000000"
},
{
"description": "Ajout de r\u00e9f\u00e9rence vers les outils de d\u00e9tection et note importante sur les m\u00e9thodes d\u0027attaque ainsi que les derni\u00e8res versions de log4j",
"revision_date": "2021-12-15T00:00:00.000000"
},
{
"description": "Evolution de la section solution",
"revision_date": "2021-12-16T00:00:00.000000"
},
{
"description": "prise en compte de la CVE-2021-45105 et ajout d\u0027\u00e9l\u00e9ments d\u0027aide \u00e0 la d\u00e9tection",
"revision_date": "2021-12-20T00:00:00.000000"
},
{
"description": "correction motif de d\u00e9tection, compl\u00e9ment outillage, note sur la possibilit\u00e9 d\u0027exploiter la vuln\u00e9rabilit\u00e9 sur une application interne",
"revision_date": "2021-12-22T00:00:00.000000"
},
{
"description": "Prise en compte de la CVE-2021-44832",
"revision_date": "2022-01-05T00:00:00.000000"
},
{
"description": "correction date 05 janvier 2022, ajout du fichier signatures",
"revision_date": "2022-01-07T00:00:00.000000"
},
{
"description": "Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
"revision_date": "2022-05-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans la biblioth\u00e8que de\njournalisation Apache log4j. Cette biblioth\u00e8que est tr\u00e8s souvent\nutilis\u00e9e dans les projets de d\u00e9veloppement d\u0027application Java/J2EE ainsi\nque par les \u00e9diteurs de solutions logicielles sur \u00e9tag\u00e8re bas\u00e9es sur\nJava/J2EE.\n\nCette vuln\u00e9rabilit\u00e9 permet \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance s\u0027il a la capacit\u00e9 de soumettre une donn\u00e9e \u00e0\nune application qui utilise la biblioth\u00e8que log4j pour journaliser\nl\u0027\u00e9v\u00e8nement. Cette attaque peut \u00eatre r\u00e9alis\u00e9e sans \u00eatre authentifi\u00e9, par\nexemple en tirant parti d\u0027une page d\u0027authentification qui journalise les\nerreurs d\u0027authentification.\n\nDes preuves de concept ont d\u00e9j\u00e0 \u00e9t\u00e9 publi\u00e9es. Cette vuln\u00e9rabilit\u00e9 fait\nd\u00e9sormais l\u0027objet d\u0027une exploitation active.\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n### D\u00e9tection\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nLe CERT-FR recommande de r\u00e9aliser une analyse approfondie des journaux\nr\u00e9seau. Les motifs suivants permettent d\u0027identifier une tentative\nd\u0027exploitation de cette vuln\u00e9rabilit\u00e9 lorsqu\u0027ils sont utilis\u00e9s dans les\nURLs ou certaines en-t\u00eates HTTP comme *user-agent* :\n\n\u003c/div\u003e\n\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \\${jndi:\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \\$%7Bjndi:\u00a0\u00a0\u00a0\u00a0 (prend en compte un obscurcissement simple)\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nCependant, les attaquants peuvent utiliser des moyens d\u2019obscurcissement\npour contourner les motifs de d\u00e9tection pr\u00e9c\u00e9dents. Les motifs suivants\npermettent de prendre en compte certaines m\u00e9thodes d\u0027obscurcissement\nmais \u003cstrong\u003epeuvent provoquer des faux positifs : \n\u003c/strong\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \\${\\${\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003e\\${::-\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003e%24%7B%3A%3A-\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003e\\${env:\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003e\\${date:\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003e\\${lower:\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003e\\${upper:\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003ehostName}\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003e}\\${\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \\${\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 (g\u00e9n\u00e8re beaucoup de faux positifs, mais tr\u00e8s\n\u003e exhaustif)\n\u003e\n\u003e \u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cspan style=\"color: #ff0000;\" darkreader-inline-color=\"\"\u003e\u003cstrong\u003e\u00a0\u003c/strong\u003e\u003c/span\u003e\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nAfin de d\u00e9terminer si une tentative d\u0027exploitation a r\u00e9ussi, et dans le\ncas o\u00f9 vous disposeriez de journaux contenant des requ\u00eates DNS, il est\nrecommand\u00e9 de les corr\u00e9ler aux r\u00e9sultats des motifs pr\u00e9c\u00e9demment\n\u00e9nonc\u00e9s. En effet, si l\u2019ex\u00e9cution d\u0027une requ\u00eate de type\n*\\${jndi:xxx://nom.domaine.com}* a fonctionn\u00e9, une r\u00e9solution DNS sera\nalors effectu\u00e9e pour r\u00e9soudre le nom de domaine externe\n*nom*.*domaine.com*. L\u0027\u00e9mission d\u0027une requ\u00eate DNS peut \u00e9galement faire\nl\u0027objet d\u0027une trace dans les journaux du serveur applicatif. Ainsi, il\npeut \u00eatre utile de chercher le motif *com.sun.jndi.dns.DnsContext@* dans\nces journaux.\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nNote : une r\u00e9solution de domaine externe ne signifie pas qu\u0027une\nex\u00e9cution de code a r\u00e9ussi mais permet de \u003cstrong\u003econfirmer que l\u0027application\nest vuln\u00e9rable\u003c/strong\u003e. Il sera donc n\u00e9cessaire de poursuivre l\u0027analyse des\njournaux pour d\u00e9tecter une compromission.\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nEn compl\u00e9ment des informations ci-dessus, une requ\u00eate de type\n*\\${jndi:dns://serveur_dns/enregistrement_TXT}* est \u00e9galement utilisable\npar l\u0027attaquant pour tester la pr\u00e9sence de la vuln\u00e9rabilit\u00e9.\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nIl est \u00e9galement int\u00e9ressant de rechercher les motifs suivants dans les\nfichiers journaux des applications :\n\n\u003c/div\u003e\n\n- le motif\u00a0*\u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n class=\"mx_EventTile_body markdown-body\"\n dir=\"auto\"\u003ecom.sun.jndi.ldap.LdapCtx@\u003c/span\u003e\u003c/span\u003e* (et non pas\n *com.sun.jndi.dns.DnsContext@* comme indiqu\u00e9 pr\u00e9c\u00e9demment)\n appara\u00eetra lorsqu\u0027une injection LDAP est utilis\u00e9e pour r\u00e9cup\u00e9rer du\n contenu qui ne serait pas un objet java au standard rfc2713 : il\n peut s\u0027agir d\u0027un scan de d\u00e9tection ou d\u0027une tentative erron\u00e9e d\u0027un\n attaquant\n- l\u0027injection sera enregistr\u00e9e dans les journaux telle qu\u0027elle a \u00e9t\u00e9\n soumise par l\u0027attaquant si le serveur LDAP n\u0027est pas joignable ou si\n l\u0027objet qu\u0027il souhaitait t\u00e9l\u00e9charger n\u0027est pas trouv\u00e9 sur le serveur\n LDAP : il est donc possible de trouver des tentatives d\u0027injection\n sous une forme obscurcie dans les journaux, les motifs pr\u00e9c\u00e9demment\n list\u00e9s peuvent donc \u00eatre utilis\u00e9s pour identifier toutes les\n tentatives\n- une erreur contenant le motif \"Reference Class Name:\" suivi d\u0027un nom\n de classe puis des lignes commen\u00e7ant par \"*Type:*\" et \"*Content:*\"\n peut appara\u00eetre dans les journaux si l\u0027injection LDAP fonctionne\n mais que la classe contenant la charge utile ne peut pas \u00eatre\n r\u00e9cup\u00e9r\u00e9e sur le serveur LDAP vis\u00e9\n- il peut \u00eatre int\u00e9ressant de chercher des injections en DNS et LDAP\n bas\u00e9es sur la classe *JavaLookup* tels que *\\${java:hw}*,\n *\\${java:vm}* et *\\${java:os}*. Ces derni\u00e8res sont utilis\u00e9es par les\n attaquants pour obtenir des informations sur la machine cibl\u00e9e.* \n *\n\n\u003cspan style=\"color: #ff0000;\"\u003e\u003cstrong\u003e\\[Mise \u00e0 jour du 07 janvier\n2022\\]\u003c/strong\u003e\u003c/span\u003e Le CERT-FR propose au t\u00e9l\u00e9chargement un ensemble de\nr\u00e8gles de d\u00e9tection bas\u00e9es sur la syntaxe utilis\u00e9e par l\u0027outil suricata.\nCes r\u00e8gles peuvent \u00eatre mises en \u0153uvre, apr\u00e8s adaptation, sur un\n\u00e9quipement de d\u00e9tection r\u00e9seau ou un pare-feu applicatif. Un guide de\nmise en \u0153uvre est \u00e9galement propos\u00e9.\n\n- le guide est disponible \u003cspan style=\"color: #ff0000;\"\u003e\u003ca\n href=\"/uploads/ANSSI_Detection_log4j_NP_TLP_WHITE_v1.0.6.pdf\"\n style=\"color: #ff0000;\"\u003eici\u003c/a\u003e\u003c/span\u003e.\n- les r\u00e8gles sont disponibles\n [ici](/uploads/anssi_cve_2021_44228_and_jndi_export_v3.txt).\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n### Pr\u00e9cisions sur les CVE-2021-45046 et CVE-2021-45105\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nLa version 2.15.0 recommand\u00e9e jusqu\u0027\u00e0 pr\u00e9sent est affect\u00e9e par une autre\nvuln\u00e9rabilit\u00e9, d\u00e9sign\u00e9e par l\u0027identifiant CVE-2021-45046 \\[4\\]. Cette\nvuln\u00e9rabilit\u00e9 permet \u00e0 un attaquant non authentifi\u00e9 d\u0027effectuer un d\u00e9ni\nde service. Par ailleurs, des chercheurs ont mis en \u00e9vidence la\npossibilit\u00e9 d\u0027exfiltrer des donn\u00e9es dans certaines configurations non\nd\u00e9taill\u00e9es.\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nPar ailleurs, les versions 2.16.0 et 2.12.2 sont affect\u00e9es par une\nnouvelle vuln\u00e9rabilit\u00e9, d\u00e9sign\u00e9e par l\u0027identifiant CVE-2021-45105 \\[5\\],\nqui permet de provoquer un d\u00e9ni de service \u00e0 distance.\n\n\u003c/div\u003e\n\n### Pr\u00e9cisions sur la CVE-2021-44832\n\nLa version 2.17.0 recommand\u00e9e jusqu\u0027\u00e0 pr\u00e9sent est affect\u00e9e par une\nvuln\u00e9rabilit\u00e9, d\u00e9sign\u00e9e par l\u0027identifiant CVE-2021-44832 \\[6\\]. Cette\nvuln\u00e9rabilit\u00e9 permet \u00e0 un attaquant, autoris\u00e9 \u00e0 modifier le fichier de\nconfiguration Log4J, d\u0027effectuer une ex\u00e9cution de code \u00e0 distance. La\ncomplexit\u00e9 de l\u0027attaque \u00e9tant \u00e9lev\u00e9e, le CERT-FR continue de recommander\nla mise \u00e0 jour des composants Log4j \u00e0 la version 2.17.0 pour java 8 et\n2.12.3 pour java7. Par ailleurs, il est fortement recommand\u00e9 de rester\nattentif aux nouvelles vuln\u00e9rabilit\u00e9s Log4j qui pourraient \u00eatre\nidentifi\u00e9es \u00e0 l\u0027avenir ainsi qu\u0027aux correctifs propos\u00e9s par Apache.\n\n### Pr\u00e9cisions sur les modes d\u0027attaque\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nIl convient \u00e9galement de noter que des techniques permettent d\u0027exploiter\nla vuln\u00e9rabilit\u00e9 localement sans recourir \u00e0 un serveur tiers\nmalveillant. L\u0027attaquant peut injecter un code malveillant dans la\nrequ\u00eate initiale s\u0027il a suffisamment d\u0027informations sur l\u0027application\nvuln\u00e9rable qu\u0027il cible. Cette attaque requiert donc une premi\u00e8re phase\nde reconnaissance et de collecte de donn\u00e9es. Cette phase est possible\ntant que n\u0027ont pas \u00e9t\u00e9 appliqu\u00e9s : d\u0027une part, un filtrage r\u00e9seau\nad\u00e9quat et d\u0027autre part, le correctif ou, \u00e0 d\u00e9faut, les mesures de\ncontournement. Il est donc important de disposer des journaux de ces\nenvironnements pour rechercher des \u00e9ventuelles traces d\u0027exfiltration de\ndonn\u00e9es. Les moyens de d\u00e9tection pr\u00e9c\u00e9demment peuvent \u00eatre utilis\u00e9s \u00e0\ncette fin.\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cspan style=\"color: #ff0000;\" darkreader-inline-color=\"\"\u003e\u003cstrong\u003e\u00a0\u003c/strong\u003e\u003c/span\u003e\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nPour rappel : une application utilisant une version non vuln\u00e9rable de\nlog4j peut transmettre des donn\u00e9es \u00e0 une autre application qui utilise\nune version vuln\u00e9rable de cette biblioth\u00e8que. L\u2019attaquant pourra\nexploiter la vuln\u00e9rabilit\u00e9 dans la seconde application en soumettant une\ndonn\u00e9e malveillante via la premi\u00e8re. Par cons\u00e9quent, le CERT-FR\nrecommande de ne pas limiter l\u0027identification de la vuln\u00e9rabilit\u00e9 aux\nseules applications expos\u00e9es sur Internet, mais \u00e9galement aux\napplications internes. L\u0027utilisation d\u0027outils tels que ceux list\u00e9s\nci-dessous facilitera leur identification.\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n",
"title": "[MaJ] Vuln\u00e9rabilit\u00e9 dans Apache Log4j",
"vendor_advisories": []
}
CERTFR-2021-ALE-022
Vulnerability from certfr_alerte - Published: - Updated:
Une vulnérabilité a été découverte dans la bibliothèque de journalisation Apache log4j. Cette bibliothèque est très souvent utilisée dans les projets de développement d'application Java/J2EE ainsi que par les éditeurs de solutions logicielles sur étagère basées sur Java/J2EE.
Cette vulnérabilité permet à un attaquant de provoquer une exécution de code arbitraire à distance s'il a la capacité de soumettre une donnée à une application qui utilise la bibliothèque log4j pour journaliser l'évènement. Cette attaque peut être réalisée sans être authentifié, par exemple en tirant parti d'une page d'authentification qui journalise les erreurs d'authentification.
Des preuves de concept ont déjà été publiées. Cette vulnérabilité fait désormais l'objet d'une exploitation active.
Détection
Le CERT-FR recommande de réaliser une analyse approfondie des journaux réseau. Les motifs suivants permettent d'identifier une tentative d'exploitation de cette vulnérabilité lorsqu'ils sont utilisés dans les URLs ou certaines en-têtes HTTP comme *user-agent* : > > > > > > > \${jndi: > > > > > > > > \$%7Bjndi: (prend en compte un obscurcissement simple) > > > > > > > > Cependant, les attaquants peuvent utiliser des moyens d’obscurcissement pour contourner les motifs de détection précédents. Les motifs suivants permettent de prendre en compte certaines méthodes d'obscurcissement mais peuvent provoquer des faux positifs :Afin de déterminer si une tentative d'exploitation a réussi, et dans le cas où vous disposeriez de journaux contenant des requêtes DNS, il est recommandé de les corréler aux résultats des motifs précédemment énoncés. En effet, si l’exécution d'une requête de type *\${jndi:xxx://nom.domaine.com}* a fonctionné, une résolution DNS sera alors effectuée pour résoudre le nom de domaine externe *nom*.*domaine.com*. L'émission d'une requête DNS peut également faire l'objet d'une trace dans les journaux du serveur applicatif. Ainsi, il peut être utile de chercher le motif *com.sun.jndi.dns.DnsContext@* dans ces journaux. Note : une résolution de domaine externe ne signifie pas qu'une exécution de code a réussi mais permet de confirmer que l'application est vulnérable. Il sera donc nécessaire de poursuivre l'analyse des journaux pour détecter une compromission. En complément des informations ci-dessus, une requête de type *\${jndi:dns://serveur_dns/enregistrement_TXT}* est également utilisable par l'attaquant pour tester la présence de la vulnérabilité. Il est également intéressant de rechercher les motifs suivants dans les fichiers journaux des applications :\${\${
\${::-
%24%7B%3A%3A-
\${env:
\${date:
\${lower:
\${upper:
hostName}
}\${
\${ (génère beaucoup de faux positifs, mais très exhaustif)
- le motif com.sun.jndi.ldap.LdapCtx@ (et non pas com.sun.jndi.dns.DnsContext@ comme indiqué précédemment) apparaîtra lorsqu'une injection LDAP est utilisée pour récupérer du contenu qui ne serait pas un objet java au standard rfc2713 : il peut s'agir d'un scan de détection ou d'une tentative erronée d'un attaquant
- l'injection sera enregistrée dans les journaux telle qu'elle a été soumise par l'attaquant si le serveur LDAP n'est pas joignable ou si l'objet qu'il souhaitait télécharger n'est pas trouvé sur le serveur LDAP : il est donc possible de trouver des tentatives d'injection sous une forme obscurcie dans les journaux, les motifs précédemment listés peuvent donc être utilisés pour identifier toutes les tentatives
- une erreur contenant le motif "Reference Class Name:" suivi d'un nom de classe puis des lignes commençant par "Type:" et "Content:" peut apparaître dans les journaux si l'injection LDAP fonctionne mais que la classe contenant la charge utile ne peut pas être récupérée sur le serveur LDAP visé
- il peut être intéressant de chercher des injections en DNS et LDAP
basées sur la classe JavaLookup tels que \${java:hw},
\${java:vm} et \${java:os}. Ces dernières sont utilisées par les
attaquants pour obtenir des informations sur la machine ciblée.*
*
[Mise à jour du 07 janvier 2022] Le CERT-FR propose au téléchargement un ensemble de règles de détection basées sur la syntaxe utilisée par l'outil suricata. Ces règles peuvent être mises en œuvre, après adaptation, sur un équipement de détection réseau ou un pare-feu applicatif. Un guide de mise en œuvre est également proposé.
### Précisions sur les CVE-2021-45046 et CVE-2021-45105 La version 2.15.0 recommandée jusqu'à présent est affectée par une autre vulnérabilité, désignée par l'identifiant CVE-2021-45046 \[4\]. Cette vulnérabilité permet à un attaquant non authentifié d'effectuer un déni de service. Par ailleurs, des chercheurs ont mis en évidence la possibilité d'exfiltrer des données dans certaines configurations non détaillées. Par ailleurs, les versions 2.16.0 et 2.12.2 sont affectées par une nouvelle vulnérabilité, désignée par l'identifiant CVE-2021-45105 \[5\], qui permet de provoquer un déni de service à distance. ### Précisions sur la CVE-2021-44832 La version 2.17.0 recommandée jusqu'à présent est affectée par une vulnérabilité, désignée par l'identifiant CVE-2021-44832 \[6\]. Cette vulnérabilité permet à un attaquant, autorisé à modifier le fichier de configuration Log4J, d'effectuer une exécution de code à distance. La complexité de l'attaque étant élevée, le CERT-FR continue de recommander la mise à jour des composants Log4j à la version 2.17.0 pour java 8 et 2.12.3 pour java7. Par ailleurs, il est fortement recommandé de rester attentif aux nouvelles vulnérabilités Log4j qui pourraient être identifiées à l'avenir ainsi qu'aux correctifs proposés par Apache. ### Précisions sur les modes d'attaque Il convient également de noter que des techniques permettent d'exploiter la vulnérabilité localement sans recourir à un serveur tiers malveillant. L'attaquant peut injecter un code malveillant dans la requête initiale s'il a suffisamment d'informations sur l'application vulnérable qu'il cible. Cette attaque requiert donc une première phase de reconnaissance et de collecte de données. Cette phase est possible tant que n'ont pas été appliqués : d'une part, un filtrage réseau adéquat et d'autre part, le correctif ou, à défaut, les mesures de contournement. Il est donc important de disposer des journaux de ces environnements pour rechercher des éventuelles traces d'exfiltration de données. Les moyens de détection précédemment peuvent être utilisés à cette fin. Pour rappel : une application utilisant une version non vulnérable de log4j peut transmettre des données à une autre application qui utilise une version vulnérable de cette bibliothèque. L’attaquant pourra exploiter la vulnérabilité dans la seconde application en soumettant une donnée malveillante via la première. Par conséquent, le CERT-FR recommande de ne pas limiter l'identification de la vulnérabilité aux seules applications exposées sur Internet, mais également aux applications internes. L'utilisation d'outils tels que ceux listés ci-dessous facilitera leur identification.Contournement provisoire
La version 1 de log4j a été initialement déclarée vulnérable cependant la vulnérabilité n'existe que si le composant JMS Appender est configuré pour prendre en compte JNDI. Il s'agit donc d'une configuration très spécifique [1][3].
Il est recommandé d'utiliser une version à jour de l'environnement d'exécution Java (les versions 8u191 et ultérieures apportent des restrictions pour les appels JNDI basés sur LDAP et RMI), cependant les codes d'exploitation les plus récents sont en mesure de contourner ces protections pour continuer d'exploiter la vulnérabilité.
La mise en place de filtres au niveau de vos pare-feux applicatifs pour bloquer les tentatives d'exploitation de cette vulnérabilité peut constituer une première mesure d'urgence mais elle reste insuffisante : les attaquants utilisent différentes techniques d'obscurcissement des données injectées pour contourner ces filtres.
Les contournements proposés initialement ne permettent plus de se prémunir contre certaines formes d'exploitation. Face à la possibilité que d'autres exploitations soient encore découvertes y compris pour la version 2.15.0, le CERT-FR recommande d'utiliser les versions les plus à jour de la bibliothèque.
En cas d'impossibilité de migration, il reste possible de supprimer la classe Java vulnérable. Cette opération impose de tester le fonctionnement de l'application afin d'identifier les impacts de la modification sur son fonctionnement.
Cette suppression peut par exemple être effectuée avec la commande suivante : zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class
Outillage
- Des outils de recherche de la bibliothèque Log4j sont proposés par le **CERT/CC** (non qualifiés par le CERT-FR) : - Le site du **NCSC-NL** recense également des outils, qui n'ont pas été qualifiés par le NCSC-NL ni par le CERT-FR : - La **CISA** a publié un scanner basé sur des outils issus de la communauté open-source :Solution
Il est fortement recommandé aux utilisateurs d'applications ou de logiciels sur étagère basés sur la technologie Java/J2EE :
- de conserver les journaux a minima depuis le 1er décembre 2021 à des fins d'analyse ultérieure ;
- de préparer sans délai des mesures de préservation en cas d'incident majeur, notamment par la mise hors ligne de sauvegardes à jour ;
- de filtrer et de journaliser les flux sortants des serveurs pour les limiter aux seuls flux autorisés vers des services de confiance ;
- de prendre contact avec le développeur ou l'éditeur pour vérifier s'ils sont exposés à cette vulnérabilité et si un correctif est disponible.
Il est fortement recommandé aux développeurs/éditeurs :
- d'inventorier les solutions affectées par les vulnérabilités ;
- d'informer les utilisateurs et clients de leurs statuts et des actions en cours ;
- de corriger les solutions en utilisant à minima la version 2.17.0 pour java 8 ou la version 2.12.3 pour java 7 et idéalement la version 2.17.1 pour java 8 ou la version 2.12.4 pour java 7 ;
- de fournir une nouvelle version de leurs solutions dans les plus brefs délais.
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
La mise à jour d’un produit ou d’un logiciel est une opération délicate qui doit être menée avec prudence. Il est notamment recommandé d’effectuer des tests autant que possible. Des dispositions doivent également être prises pour garantir la continuité de service en cas de difficultés lors de l’application des mises à jour comme des correctifs ou des changements de version.
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apache | N/A | Apache Log4j versions 2.0 à 2.14.1 | ||
| Apache | N/A | Apache Log4j versions 1.x (versions obsolètes) sous réserve d'une configuration particulière, cf. ci-dessous | ||
| Apache | N/A | Apache Log4j version 2.15.0 | ||
| Apache | N/A | Les produits utilisant une version vulnérable de Apache Log4j : les CERT nationaux européens tiennent à jour une liste complète des produits et de leur statut vis-à-vis de la vulnérabilité [2] | ||
| Apache | N/A | Apache Log4j versions 2.16.0 et 2.12.2 (java 7) |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Apache Log4j versions 2.0 \u00e0 2.14.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apache",
"scada": false
}
}
},
{
"description": "Apache Log4j versions 1.x (versions obsol\u00e8tes) sous r\u00e9serve d\u0027une configuration particuli\u00e8re, cf. ci-dessous",
"product": {
"name": "N/A",
"vendor": {
"name": "Apache",
"scada": false
}
}
},
{
"description": "Apache Log4j version 2.15.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Apache",
"scada": false
}
}
},
{
"description": "Les produits utilisant une version vuln\u00e9rable de Apache Log4j : les CERT nationaux europ\u00e9ens tiennent \u00e0 jour une liste compl\u00e8te des produits et de leur statut vis-\u00e0-vis de la vuln\u00e9rabilit\u00e9 [2]",
"product": {
"name": "N/A",
"vendor": {
"name": "Apache",
"scada": false
}
}
},
{
"description": "Apache Log4j versions 2.16.0 et 2.12.2 (java 7)",
"product": {
"name": "N/A",
"vendor": {
"name": "Apache",
"scada": false
}
}
}
],
"affected_systems_content": "",
"closed_at": "2022-05-04",
"content": "## Contournement provisoire\n\nLa version 1 de log4j a \u00e9t\u00e9 initialement d\u00e9clar\u00e9e vuln\u00e9rable cependant\nla vuln\u00e9rabilit\u00e9 n\u0027existe que si le composant *JMS Appender* est\nconfigur\u00e9 pour prendre en compte *JNDI*. Il s\u0027agit donc d\u0027une\nconfiguration tr\u00e8s sp\u00e9cifique \\[1\\]\\[3\\].\n\nIl est recommand\u00e9 d\u0027utiliser une version \u00e0 jour de l\u0027environnement\nd\u0027ex\u00e9cution Java (les versions 8u191 et ult\u00e9rieures apportent des\nrestrictions pour les appels JNDI bas\u00e9s sur LDAP et RMI), cependant les\ncodes d\u0027exploitation les plus r\u00e9cents sont en mesure de contourner ces\nprotections pour continuer d\u0027exploiter la vuln\u00e9rabilit\u00e9.\n\n\u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\nclass=\"mx_EventTile_body\" dir=\"auto\"\u003eLa mise en place de filtres au\nniveau de vos pare-feux applicatifs pour bloquer les tentatives\nd\u0027exploitation de cette vuln\u00e9rabilit\u00e9 peut constituer une premi\u00e8re\nmesure d\u0027urgence mais elle reste insuffisante : les attaquants utilisent\ndiff\u00e9rentes techniques d\u0027obscurcissement des donn\u00e9es inject\u00e9es pour\ncontourner ces filtres. \u003c/span\u003e\u003c/span\u003e\n\n**Les contournements propos\u00e9s initialement ne permettent plus de se\npr\u00e9munir contre certaines formes d\u0027exploitation. Face \u00e0 la possibilit\u00e9\nque d\u0027autres exploitations soient encore d\u00e9couvertes y compris pour la\nversion 2.15.0, le CERT-FR recommande d\u0027utiliser les versions les plus \u00e0\njour de la biblioth\u00e8que.**\n\nEn cas d\u0027impossibilit\u00e9 de migration, il reste possible de **supprimer la\nclasse Java vuln\u00e9rable**. Cette op\u00e9ration impose de tester le\nfonctionnement de l\u0027application afin d\u0027identifier les impacts de la\nmodification sur son fonctionnement.\n\nCette suppression peut par exemple \u00eatre effectu\u00e9e avec la commande\nsuivante : *zip -q -d log4j-core-\\*.jar\norg/apache/logging/log4j/core/lookup/JndiLookup.class*\n\n### Outillage\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n- Des outils de recherche de la biblioth\u00e8que Log4j sont propos\u00e9s par\n le **CERT/CC** (non qualifi\u00e9s par le CERT-FR) :\n \u003chttps://github.com/CERTCC/CVE-2021-44228_scanner\u003e\n- Le site du **NCSC-NL** recense \u00e9galement des outils, qui n\u0027ont pas\n \u00e9t\u00e9 qualifi\u00e9s par le NCSC-NL ni par le CERT-FR :\n \u003chttps://github.com/NCSC-NL/log4shell/tree/main/scanning\u003e\n- La **CISA** a publi\u00e9 un scanner bas\u00e9 sur des outils issus de la\n communaut\u00e9 open-source : \u003chttps://github.com/cisagov/log4j-scanner\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003c/div\u003e\n\n## Solution\n\nIl est fortement recommand\u00e9 \u003cu\u003eaux utilisateurs\u003c/u\u003e d\u0027applications ou de\nlogiciels sur \u00e9tag\u00e8re bas\u00e9s sur la technologie Java/J2EE :\n\n- de conserver les journaux a minima depuis le 1er d\u00e9cembre 2021 \u00e0 des\n fins d\u0027analyse ult\u00e9rieure ;\n- de pr\u00e9parer sans d\u00e9lai des mesures de pr\u00e9servation en cas d\u0027incident\n majeur, notamment par la mise hors ligne de sauvegardes \u00e0 jour ;\n- de filtrer et de journaliser les flux sortants des serveurs pour les\n limiter aux seuls flux autoris\u00e9s vers des services de confiance ;\n- de prendre contact avec le d\u00e9veloppeur ou l\u0027\u00e9diteur pour v\u00e9rifier\n s\u0027ils sont expos\u00e9s \u00e0 cette vuln\u00e9rabilit\u00e9 et si un correctif est\n disponible.\n\nIl est fortement recommand\u00e9 aux \u003cu\u003ed\u00e9veloppeurs/\u00e9diteurs\u003c/u\u003e :\n\n- d\u0027inventorier les solutions affect\u00e9es par les vuln\u00e9rabilit\u00e9s ;\n- d\u0027informer les utilisateurs et clients de leurs statuts et des\n actions en cours ;\n- de corriger les solutions en utilisant **\u00e0 minima la version 2.17.0\n pour java 8** ou **la version 2.12.3 pour java 7** et **id\u00e9alement\n la version 2.17.1 pour java 8** ou **la version 2.12.4 pour java 7**\n ;\n- de fournir une nouvelle version de leurs solutions dans les plus\n brefs d\u00e9lais.\n\n\u00a0\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\n\u00a0\n\n------------------------------------------------------------------------\n\nLa mise \u00e0 jour d\u2019un produit ou d\u2019un logiciel est une op\u00e9ration d\u00e9licate\nqui doit \u00eatre men\u00e9e avec prudence. Il est notamment recommand\u00e9\nd\u2019effectuer des tests autant que possible. Des dispositions doivent\n\u00e9galement \u00eatre prises pour garantir la continuit\u00e9 de service en cas de\ndifficult\u00e9s lors de l\u2019application des mises \u00e0 jour comme des correctifs\nou des changements de version.\n\n",
"cves": [
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
}
],
"links": [
{
"title": "[6] R\u00e9f\u00e9rence CVE CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"title": "[1]",
"url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126"
},
{
"title": "[5] R\u00e9f\u00e9rence CVE CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"title": "R\u00e9f\u00e9rence CVE CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"title": "[4] R\u00e9f\u00e9rence CVE CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"title": "[2] liste des produits et de leurs statuts vis-\u00e0-vis de la vuln\u00e9rabilit\u00e9",
"url": "https://github.com/NCSC-NL/log4shell/tree/main/software"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Apache du 09 d\u00e9cembre 2021",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"title": "[3] R\u00e9f\u00e9rence CVE CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
}
],
"reference": "CERTFR-2021-ALE-022",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-12-10T00:00:00.000000"
},
{
"description": "Compl\u00e9ment concernant les versions vuln\u00e9rables",
"revision_date": "2021-12-12T00:00:00.000000"
},
{
"description": "compl\u00e9ment concernant la jre",
"revision_date": "2021-12-12T00:00:00.000000"
},
{
"description": "ajout d\u0027aide \u00e0 la d\u00e9tection, note sur l\u0027utilisation des pare-feux applicatifs, compl\u00e9ment sur les solutions.",
"revision_date": "2021-12-14T00:00:00.000000"
},
{
"description": "Ajout de r\u00e9f\u00e9rence vers les outils de d\u00e9tection et note importante sur les m\u00e9thodes d\u0027attaque ainsi que les derni\u00e8res versions de log4j",
"revision_date": "2021-12-15T00:00:00.000000"
},
{
"description": "Evolution de la section solution",
"revision_date": "2021-12-16T00:00:00.000000"
},
{
"description": "prise en compte de la CVE-2021-45105 et ajout d\u0027\u00e9l\u00e9ments d\u0027aide \u00e0 la d\u00e9tection",
"revision_date": "2021-12-20T00:00:00.000000"
},
{
"description": "correction motif de d\u00e9tection, compl\u00e9ment outillage, note sur la possibilit\u00e9 d\u0027exploiter la vuln\u00e9rabilit\u00e9 sur une application interne",
"revision_date": "2021-12-22T00:00:00.000000"
},
{
"description": "Prise en compte de la CVE-2021-44832",
"revision_date": "2022-01-05T00:00:00.000000"
},
{
"description": "correction date 05 janvier 2022, ajout du fichier signatures",
"revision_date": "2022-01-07T00:00:00.000000"
},
{
"description": "Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
"revision_date": "2022-05-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans la biblioth\u00e8que de\njournalisation Apache log4j. Cette biblioth\u00e8que est tr\u00e8s souvent\nutilis\u00e9e dans les projets de d\u00e9veloppement d\u0027application Java/J2EE ainsi\nque par les \u00e9diteurs de solutions logicielles sur \u00e9tag\u00e8re bas\u00e9es sur\nJava/J2EE.\n\nCette vuln\u00e9rabilit\u00e9 permet \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance s\u0027il a la capacit\u00e9 de soumettre une donn\u00e9e \u00e0\nune application qui utilise la biblioth\u00e8que log4j pour journaliser\nl\u0027\u00e9v\u00e8nement. Cette attaque peut \u00eatre r\u00e9alis\u00e9e sans \u00eatre authentifi\u00e9, par\nexemple en tirant parti d\u0027une page d\u0027authentification qui journalise les\nerreurs d\u0027authentification.\n\nDes preuves de concept ont d\u00e9j\u00e0 \u00e9t\u00e9 publi\u00e9es. Cette vuln\u00e9rabilit\u00e9 fait\nd\u00e9sormais l\u0027objet d\u0027une exploitation active.\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n### D\u00e9tection\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nLe CERT-FR recommande de r\u00e9aliser une analyse approfondie des journaux\nr\u00e9seau. Les motifs suivants permettent d\u0027identifier une tentative\nd\u0027exploitation de cette vuln\u00e9rabilit\u00e9 lorsqu\u0027ils sont utilis\u00e9s dans les\nURLs ou certaines en-t\u00eates HTTP comme *user-agent* :\n\n\u003c/div\u003e\n\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \\${jndi:\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \\$%7Bjndi:\u00a0\u00a0\u00a0\u00a0 (prend en compte un obscurcissement simple)\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nCependant, les attaquants peuvent utiliser des moyens d\u2019obscurcissement\npour contourner les motifs de d\u00e9tection pr\u00e9c\u00e9dents. Les motifs suivants\npermettent de prendre en compte certaines m\u00e9thodes d\u0027obscurcissement\nmais \u003cstrong\u003epeuvent provoquer des faux positifs : \n\u003c/strong\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \\${\\${\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003e\\${::-\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003e%24%7B%3A%3A-\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003e\\${env:\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003e\\${date:\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003e\\${lower:\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003e\\${upper:\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003ehostName}\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n\u003e class=\"mx_EventTile_body\" dir=\"auto\"\u003e}\\${\u003c/span\u003e\u003c/span\u003e\n\u003e\n\u003e \u003c/div\u003e\n\u003e\n\u003e \u003cdiv markdown=\"1\"\u003e\n\u003e\n\u003e \\${\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 (g\u00e9n\u00e8re beaucoup de faux positifs, mais tr\u00e8s\n\u003e exhaustif)\n\u003e\n\u003e \u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cspan style=\"color: #ff0000;\" darkreader-inline-color=\"\"\u003e\u003cstrong\u003e\u00a0\u003c/strong\u003e\u003c/span\u003e\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nAfin de d\u00e9terminer si une tentative d\u0027exploitation a r\u00e9ussi, et dans le\ncas o\u00f9 vous disposeriez de journaux contenant des requ\u00eates DNS, il est\nrecommand\u00e9 de les corr\u00e9ler aux r\u00e9sultats des motifs pr\u00e9c\u00e9demment\n\u00e9nonc\u00e9s. En effet, si l\u2019ex\u00e9cution d\u0027une requ\u00eate de type\n*\\${jndi:xxx://nom.domaine.com}* a fonctionn\u00e9, une r\u00e9solution DNS sera\nalors effectu\u00e9e pour r\u00e9soudre le nom de domaine externe\n*nom*.*domaine.com*. L\u0027\u00e9mission d\u0027une requ\u00eate DNS peut \u00e9galement faire\nl\u0027objet d\u0027une trace dans les journaux du serveur applicatif. Ainsi, il\npeut \u00eatre utile de chercher le motif *com.sun.jndi.dns.DnsContext@* dans\nces journaux.\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nNote : une r\u00e9solution de domaine externe ne signifie pas qu\u0027une\nex\u00e9cution de code a r\u00e9ussi mais permet de \u003cstrong\u003econfirmer que l\u0027application\nest vuln\u00e9rable\u003c/strong\u003e. Il sera donc n\u00e9cessaire de poursuivre l\u0027analyse des\njournaux pour d\u00e9tecter une compromission.\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nEn compl\u00e9ment des informations ci-dessus, une requ\u00eate de type\n*\\${jndi:dns://serveur_dns/enregistrement_TXT}* est \u00e9galement utilisable\npar l\u0027attaquant pour tester la pr\u00e9sence de la vuln\u00e9rabilit\u00e9.\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nIl est \u00e9galement int\u00e9ressant de rechercher les motifs suivants dans les\nfichiers journaux des applications :\n\n\u003c/div\u003e\n\n- le motif\u00a0*\u003cspan class=\"mx_MTextBody mx_EventTile_content\"\u003e\u003cspan\n class=\"mx_EventTile_body markdown-body\"\n dir=\"auto\"\u003ecom.sun.jndi.ldap.LdapCtx@\u003c/span\u003e\u003c/span\u003e* (et non pas\n *com.sun.jndi.dns.DnsContext@* comme indiqu\u00e9 pr\u00e9c\u00e9demment)\n appara\u00eetra lorsqu\u0027une injection LDAP est utilis\u00e9e pour r\u00e9cup\u00e9rer du\n contenu qui ne serait pas un objet java au standard rfc2713 : il\n peut s\u0027agir d\u0027un scan de d\u00e9tection ou d\u0027une tentative erron\u00e9e d\u0027un\n attaquant\n- l\u0027injection sera enregistr\u00e9e dans les journaux telle qu\u0027elle a \u00e9t\u00e9\n soumise par l\u0027attaquant si le serveur LDAP n\u0027est pas joignable ou si\n l\u0027objet qu\u0027il souhaitait t\u00e9l\u00e9charger n\u0027est pas trouv\u00e9 sur le serveur\n LDAP : il est donc possible de trouver des tentatives d\u0027injection\n sous une forme obscurcie dans les journaux, les motifs pr\u00e9c\u00e9demment\n list\u00e9s peuvent donc \u00eatre utilis\u00e9s pour identifier toutes les\n tentatives\n- une erreur contenant le motif \"Reference Class Name:\" suivi d\u0027un nom\n de classe puis des lignes commen\u00e7ant par \"*Type:*\" et \"*Content:*\"\n peut appara\u00eetre dans les journaux si l\u0027injection LDAP fonctionne\n mais que la classe contenant la charge utile ne peut pas \u00eatre\n r\u00e9cup\u00e9r\u00e9e sur le serveur LDAP vis\u00e9\n- il peut \u00eatre int\u00e9ressant de chercher des injections en DNS et LDAP\n bas\u00e9es sur la classe *JavaLookup* tels que *\\${java:hw}*,\n *\\${java:vm}* et *\\${java:os}*. Ces derni\u00e8res sont utilis\u00e9es par les\n attaquants pour obtenir des informations sur la machine cibl\u00e9e.* \n *\n\n\u003cspan style=\"color: #ff0000;\"\u003e\u003cstrong\u003e\\[Mise \u00e0 jour du 07 janvier\n2022\\]\u003c/strong\u003e\u003c/span\u003e Le CERT-FR propose au t\u00e9l\u00e9chargement un ensemble de\nr\u00e8gles de d\u00e9tection bas\u00e9es sur la syntaxe utilis\u00e9e par l\u0027outil suricata.\nCes r\u00e8gles peuvent \u00eatre mises en \u0153uvre, apr\u00e8s adaptation, sur un\n\u00e9quipement de d\u00e9tection r\u00e9seau ou un pare-feu applicatif. Un guide de\nmise en \u0153uvre est \u00e9galement propos\u00e9.\n\n- le guide est disponible \u003cspan style=\"color: #ff0000;\"\u003e\u003ca\n href=\"/uploads/ANSSI_Detection_log4j_NP_TLP_WHITE_v1.0.6.pdf\"\n style=\"color: #ff0000;\"\u003eici\u003c/a\u003e\u003c/span\u003e.\n- les r\u00e8gles sont disponibles\n [ici](/uploads/anssi_cve_2021_44228_and_jndi_export_v3.txt).\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n### Pr\u00e9cisions sur les CVE-2021-45046 et CVE-2021-45105\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nLa version 2.15.0 recommand\u00e9e jusqu\u0027\u00e0 pr\u00e9sent est affect\u00e9e par une autre\nvuln\u00e9rabilit\u00e9, d\u00e9sign\u00e9e par l\u0027identifiant CVE-2021-45046 \\[4\\]. Cette\nvuln\u00e9rabilit\u00e9 permet \u00e0 un attaquant non authentifi\u00e9 d\u0027effectuer un d\u00e9ni\nde service. Par ailleurs, des chercheurs ont mis en \u00e9vidence la\npossibilit\u00e9 d\u0027exfiltrer des donn\u00e9es dans certaines configurations non\nd\u00e9taill\u00e9es.\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nPar ailleurs, les versions 2.16.0 et 2.12.2 sont affect\u00e9es par une\nnouvelle vuln\u00e9rabilit\u00e9, d\u00e9sign\u00e9e par l\u0027identifiant CVE-2021-45105 \\[5\\],\nqui permet de provoquer un d\u00e9ni de service \u00e0 distance.\n\n\u003c/div\u003e\n\n### Pr\u00e9cisions sur la CVE-2021-44832\n\nLa version 2.17.0 recommand\u00e9e jusqu\u0027\u00e0 pr\u00e9sent est affect\u00e9e par une\nvuln\u00e9rabilit\u00e9, d\u00e9sign\u00e9e par l\u0027identifiant CVE-2021-44832 \\[6\\]. Cette\nvuln\u00e9rabilit\u00e9 permet \u00e0 un attaquant, autoris\u00e9 \u00e0 modifier le fichier de\nconfiguration Log4J, d\u0027effectuer une ex\u00e9cution de code \u00e0 distance. La\ncomplexit\u00e9 de l\u0027attaque \u00e9tant \u00e9lev\u00e9e, le CERT-FR continue de recommander\nla mise \u00e0 jour des composants Log4j \u00e0 la version 2.17.0 pour java 8 et\n2.12.3 pour java7. Par ailleurs, il est fortement recommand\u00e9 de rester\nattentif aux nouvelles vuln\u00e9rabilit\u00e9s Log4j qui pourraient \u00eatre\nidentifi\u00e9es \u00e0 l\u0027avenir ainsi qu\u0027aux correctifs propos\u00e9s par Apache.\n\n### Pr\u00e9cisions sur les modes d\u0027attaque\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nIl convient \u00e9galement de noter que des techniques permettent d\u0027exploiter\nla vuln\u00e9rabilit\u00e9 localement sans recourir \u00e0 un serveur tiers\nmalveillant. L\u0027attaquant peut injecter un code malveillant dans la\nrequ\u00eate initiale s\u0027il a suffisamment d\u0027informations sur l\u0027application\nvuln\u00e9rable qu\u0027il cible. Cette attaque requiert donc une premi\u00e8re phase\nde reconnaissance et de collecte de donn\u00e9es. Cette phase est possible\ntant que n\u0027ont pas \u00e9t\u00e9 appliqu\u00e9s : d\u0027une part, un filtrage r\u00e9seau\nad\u00e9quat et d\u0027autre part, le correctif ou, \u00e0 d\u00e9faut, les mesures de\ncontournement. Il est donc important de disposer des journaux de ces\nenvironnements pour rechercher des \u00e9ventuelles traces d\u0027exfiltration de\ndonn\u00e9es. Les moyens de d\u00e9tection pr\u00e9c\u00e9demment peuvent \u00eatre utilis\u00e9s \u00e0\ncette fin.\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cspan style=\"color: #ff0000;\" darkreader-inline-color=\"\"\u003e\u003cstrong\u003e\u00a0\u003c/strong\u003e\u003c/span\u003e\n\n\u003c/div\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\n\u003cdiv markdown=\"1\"\u003e\n\nPour rappel : une application utilisant une version non vuln\u00e9rable de\nlog4j peut transmettre des donn\u00e9es \u00e0 une autre application qui utilise\nune version vuln\u00e9rable de cette biblioth\u00e8que. L\u2019attaquant pourra\nexploiter la vuln\u00e9rabilit\u00e9 dans la seconde application en soumettant une\ndonn\u00e9e malveillante via la premi\u00e8re. Par cons\u00e9quent, le CERT-FR\nrecommande de ne pas limiter l\u0027identification de la vuln\u00e9rabilit\u00e9 aux\nseules applications expos\u00e9es sur Internet, mais \u00e9galement aux\napplications internes. L\u0027utilisation d\u0027outils tels que ceux list\u00e9s\nci-dessous facilitera leur identification.\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n\n\u003c/div\u003e\n",
"title": "[MaJ] Vuln\u00e9rabilit\u00e9 dans Apache Log4j",
"vendor_advisories": []
}
CISCO-SA-APACHE-LOG4J-QRUKNEBD
Vulnerability from csaf_cisco - Published: 2021-12-10 18:45 - Updated: 2022-01-31 21:16Summary
Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021
Notes
Summary
Critical Vulnerabilities in Apache Log4j Java Logging Library
On December 9, 2021, the following critical vulnerability in the Apache Log4j Java logging library affecting all Log4j2 versions earlier than 2.15.0 was disclosed:
CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
On December 14, 2021, the following critical vulnerability, which affects certain Apache Log4j use cases in versions 2.15.0 and earlier, was disclosed:
CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack
On December 18, 2021, a vulnerability in the Apache Log4j component affecting versions 2.16 and earlier was disclosed:
CVE-2021-45105: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation
On December 28, 2021, a vulnerability in the Apache Log4j component affecting versions 2.17 and earlier was disclosed:
CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration
For a description of these vulnerabilities, see the Apache Log4j Security Vulnerabilities ["https://logging.apache.org/log4j/2.x/security.html"] page.
Cisco's Response to These Vulnerabilities
Cisco assessed all products and services for impact from both CVE-2021-44228 and CVE-2021-45046. To help detect exploitation of these vulnerabilities, Cisco has released Snort rules at the following location: Talos Rules 2021-12-21 ["https://www.snort.org/advisories/talos-rules-2021-12-21"]
Product fixes that are listed in this advisory will address both CVE-2021-44228 and CVE-2021-45046 unless otherwise noted.
Cisco has reviewed CVE-2021-45105 and CVE-2021-44832 and has determined that no Cisco products or cloud offerings are impacted by these vulnerabilities.
Cisco's standard practice is to update integrated third-party software components to later versions as they become available.
Affected Products
Cisco investigated its product line to determine which products may be affected by these vulnerabilities.
This advisory only lists Cisco products and services that are known to include the impacted software component and thus may be vulnerable. Products and services that do not contain the impacted software component are not vulnerable and therefore are not listed in this advisory. Any Cisco product or service that is not explicitly listed in the Affected Products section of this advisory is not affected by the vulnerability or vulnerabilities described.
The Vulnerable Products ["#vp"] section includes Cisco bug IDs for each affected product. The bugs are accessible through the Cisco Bug Search Tool and contain additional platform-specific information, including workarounds (if available) and fixed software releases.
Vulnerable Products
Cisco investigated its product line to determine which products may be affected by these vulnerabilities.
The following table lists Cisco products that are affected by one or both of the vulnerabilities that are described in this advisory. Customers should refer to the associated Cisco bug(s) for further details.
Product Cisco Bug ID Fixed Release Availability ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"] Collaboration and Social Media Cisco Webex Meetings Server CSCwa47283 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47283"] CWMS-3.0MR4SP3 patch (21 Dec 2021)
CWMS-4.0MR4SP3 patch (21 Dec 2021)
CWMS-3.0MR4SP2 patch (14 Dec 2021)
CWMS-4.0MR4SP2 patch (14 Dec 2021) Endpoint Clients and Client Software Cisco CX Cloud Agent Software CSCwa47272 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47272"] 1.12.2 (17 Dec 2021) Network Application, Service, and Acceleration Cisco Call Studio CSCwa54008 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa54008"] 11.6(2) (23 Dec 2021)
12.0(1) (23 Dec 2021)
12.5(1) (23 Dec 2021)
12.6(1) (23 Dec 2021) Cisco Nexus Insights CSCwa47284 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47284"] 6.0.2 (17 Dec 2021) Network and Content Security Devices Cisco Firepower Threat Defense (FTD) managed by Firepower Device Manager (FDM) CSCwa46963 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46963"] 6.2.3 hotfix (Available)
6.4.0 hotfix (Available)
6.6.5 hotfix (Available)
6.7.0 hotfix (Available)
7.0.1 hotfix (Available)
7.1.0 hotfix (Available) Cisco Identity Services Engine (ISE) CSCwa47133 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47133"] 2.4 hotfix (15 Dec 2021)
2.6 hotfix (15 Dec 2021)
2.7 hotfix (15 Dec 2021)
3.0 hotfix (15 Dec 2021)
3.1 hotfix (17 Dec 2021) Network Management and Provisioning Cisco Application Policy Infrastructure Controller (APIC) - Network Insights Base App CSCwa47295 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47295"] 4.2(7r) (Available)
5.2(3g) (Available) Cisco Automated Subsea Tuning CSCwa48806 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48806"] 2.1.0.4 (22 Dec 2021) Cisco Business Process Automation CSCwa47269 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47269"] 3.0.000.115 (patch) (17 Dec 2021)
3.1.000.044 (patch) (17 Dec 2021)
3.2.000.009 (patch) (17 Dec 2021) Cisco CloudCenter Cost Optimizer CSCwa48074 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48074"] 5.5.2 (Available) Cisco CloudCenter Suite Admin CSCwa47349 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47349"] 5.3.1 (Available) Cisco CloudCenter Workload Manager CSCwa47350 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47350"] 5.5.2 (Available) Cisco CloudCenter CSCwa48832 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48832"] 4.10.0.16 (22 Dec 2021) Cisco Common Services Platform Collector (CSPC) CSCwa47271 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47271"] 2.10.0.1 hotfix (Available)
2.9.1.3 hotfix (Available) Cisco Crosswork Data Gateway CSCwa47257 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47257"] 2.0.2 patch (21 Dec 2021)
3.0.1 patch (21 Dec 2021) Cisco Crosswork Network Controller CSCwa49936 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49936"] 2.0.1 patch (22 Dec 2021)
3.0.1 patch (22 Dec 2021) Cisco Crosswork Optimization Engine CSCwa49939 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49939"] 2.0.1 patch (21 Dec 2021)
3.0.1 patch (21 Dec 2021) Cisco Crosswork Platform Infrastructure CSCwa47367 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47367"] 4.0.1 patch (22 Dec 2021)
4.1.1 patch (22 Dec 2021) Cisco Crosswork Situation Manager CSCwa51878 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa51878"] 8.0.0.8 patch (21 Dec 2021) Cisco Crosswork Zero Touch Provisioning (ZTP) CSCwa47259 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47259"] 2.0.1 patch (21 Dec 2021)
3.0.1 patch (21 Dec 2021) Cisco Cyber Vision Sensor Management Extension CSCwa49482 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49482"] 4.0.3 (22 Dec 2021) Cisco DNA Spaces Connector CSCwa47320 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47320"] v2.0.588 (Available)
v2.2.12 (Available) Cisco Data Center Network Manager (DCNM) CSCwa47291 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47291"] 12.0(2f) (Available)
11.5(3) patch (Available)
11.5(2) patch (Available)
11.5(1) patch (Available)
11.4(1) patch (Available)
11.3(1) patch (Available) Cisco Evolved Programmable Network Manager CSCwa47310 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47310"] 5.1.3.1 patch (22 Dec 2021)
5.0.2.1 patch (13 Jan 2022)
4.1.1.1 patch (13 Jan 2022) Cisco Intersight Virtual Appliance CSCwa47304 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47304"] 1.0.9-361 (20 Dec 2021) Cisco Network Services Orchestrator (NSO) CSCwa47342 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47342"] nso-5.3.5.1 (17 Dec 2021)
nso-5.4.5.2 (17 Dec 2021)
nso-5.5.4.1 (17 Dec 2021)
nso-5.6.3.1 (17 Dec 2021) Cisco Nexus Dashboard, formerly Cisco Application Services Engine CSCwa47299 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47299"] 2.1.2 (23 Dec 2021) Cisco Prime Service Catalog CSCwa47347 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47347"] 12.1 patch (20 Dec 2021) Cisco Secure Agile Exchange (SAE) Core Function Pack CSCwa52921 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa52921"] 2.4.1 (14 Jan 2022) Cisco Smart PHY CSCwa50021 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa50021"] 3.1.4 patch (Available)
3.2.0 patch (Available)
3.2.1 patch (Available)
21.3 patch (21 Jan 2022) Cisco Virtual Topology System (VTS) CSCwa47334 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47334"] 2.6.7 (22 Dec 2021) Cisco Virtualized Infrastructure Manager CSCwa49924 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49924"] 3.2.x patch (17 Dec 2021)
3.4.4 patch (17 Dec 2021)
3.4.6 patch (17 Dec 2021)
4.2.0 patch (17 Dec 2021)
4.2.1 patch (17 Dec 2021) Cisco WAN Automation Engine (WAE) CSCwa47369 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47369"] 7.5.0.1 (22 Dec 2021)
7.4.0.1 (28 Jan 2022)
7.3.0.2 (28 Jan 2022) Routing and Switching - Enterprise and Service Provider Cisco DNA Center CSCwa47322 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47322"] 2.2.2.8 patch (Available)
2.1.2.8 patch (Available)
2.2.3.4 patch (Available) Cisco IOx Fog Director CSCwa47370 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47370"] 1.14.5 patch (16 Dec 2021)
1.16.4 patch (Available) Cisco Network Assurance Engine CSCwa47285 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47285"] 6.0.2 (23 Dec 2021) Cisco Network Convergence System 1004 CSCwa52235 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa52235"] 7.3.2 SMU/GISO (14 Jan 2022)
7.3.1 SMU (21 Jan 2022) Cisco Optical Network Controller CSCwa48793 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48793"] 1.1.0 (22 Dec 2021) Cisco SD-WAN vManage CSCwa47745 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47745"] 20.3.4.1 (Available)
20.6.2.1 (Available)
20.5.1.1 (Available)
20.4.2.1 (Available) Unified Computing Cisco Integrated Management Controller (IMC) Supervisor CSCwa47307 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47307"] 2.3.2.1 (23 Dec 2021) Cisco UCS Central Software CSCwa47303 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47303"] 2.0(1p) (22 Dec 2021) Cisco UCS Director CSCwa47288 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47288"] 6.8.2.0 (23 Dec 2021) Cisco Workload Optimization Manager CSCwa50220 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa50220"] 3.2.1 patch (Available) Voice and Unified Communications Devices Cisco BroadWorks CSCwa47315 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47315"] 2021.11_1.162 (13 Dec 2021)
ap381882 (15 Dec 2021) Cisco Cloud Connect CSCwa51545 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa51545"] 12.6(1) (Available) Cisco Contact Center Domain Manager (CCDM) CSCwa47383 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47383"] 12.5(1) ES6 (Available)
12.6(1) ES3 (Available) Cisco Contact Center Management Portal (CCMP) CSCwa47383 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47383"] 12.5(1) ES6 (Available)
12.6(1) ES3 (Available) Cisco Emergency Responder CSCwa47391 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47391"] 11.5(4)SU9 patch (16 Dec 2021)
11.5(4)SU10 patch (16 Dec 2021) Cisco Enterprise Chat and Email CSCwa47392 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47392"] 12.0(1) patch (Available)
12.5 (1) patch (Available)
12.6(1) patch (Available) Cisco Finesse CSCwa46459 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46459"] 12.6(1)ES03 (23 Dec 2021) Cisco Packaged Contact Center Enterprise CSCwa47274 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47274"] 11.6(2) (Available)
12.0(1) (Available)
12.5(1) (Available)
12.6(1) (Available) Cisco Paging Server CSCwa47395 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47395"] 14.4.2 (21 Dec 2021) Cisco Unified Communications Manager / Cisco Unified Communications Manager Session Management Edition CSCwa47249 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47249"] 11.5(1)SU7 patch (16 Dec 2021)
11.5(1)SU8 patch (16 Dec 2021)
11.5(1)SU9 patch (16 Dec 2021)
11.5(1)SU10 patch (16 Dec 2021)
11.5(1.18119-2) through 11.5(1.23162-1) patch (16 Dec 2021) Cisco Unified Communications Manager IM &Presence Service CSCwa47393 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47393"] 11.5(1)SU7 patch (16 Dec 2021)
11.5(1)SU8 patch (16 Dec 2021)
11.5(1)SU9 patch (16 Dec 2021)
11.5(1)SU10 patch (16 Dec 2021)
11.5(1.18900-16) patch (16 Dec 2021)
11.5(1.18901-3) patch (16 Dec 2021) Cisco Unified Contact Center Enterprise - Live Data server CSCwa46810 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46810"] 11.6(1)ES23 (23 Dec 2021)
12.0(1)ES18 (23 Dec 2021)
12.5(1)ES13 (23 Dec 2021)
12.6(1)ES03 (23 Dec 2021) Cisco Unified Contact Center Enterprise CSCwa47273 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47273"] 11.6(2) (Available)
12.0(1) (Available)
12.5(1) (Available)
12.6(1) (Available) Cisco Unified Contact Center Express CSCwa47388 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47388"] 12.5(1)SU1 (23 Dec 2021) Cisco Unified Customer Voice Portal CSCwa47275 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47275"] 11.6(2) (Available)
12.0(1) (Available)
12.5(1) (Available)
12.6(1) (23 Dec 2021) Cisco Unified Intelligence Center CSCwa46525 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46525"] 12.6(1) (23 Dec 2021) Cisco Unified SIP Proxy Software CSCwa47265 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47265"] 10.2.1v2 patch (23 Dec 2021) Cisco Unity Connection CSCwa47387 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47387"] 11.5(1)SU7 patch (16 Dec 2021)
11.5(1)SU8 patch (16 Dec 2021)
11.5(1)SU9 patch (16 Dec 2021)
11.5(1)SU10 patch (16 Dec 2021)
11.5(1.18119-2) through 11.5(1.23162-1) patch (16 Dec 2021) Cisco Virtualized Voice Browser CSCwa47397 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47397"] 12.5(1) (Available)
12.6(1) (23 Dec 2021) Cisco Webex Workforce Optimization CSCwa51476 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa51476"] Product is End of Software Maintenance - No Fixes Planned Video, Streaming, TelePresence, and Transcoding Devices Cisco Video Surveillance Operations Manager CSCwa47360 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47360"] 7.14.4 patch (Available) Cisco Vision Dynamic Signage Director CSCwa47351 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47351"] Contact Cisco TAC for a patch
6.4 SP3 (17 Jan 2021) Wireless Cisco Connected Mobile Experiences (CMX) CSCwa47312 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47312"] 10.6.3-70 patch (Available)
10.6.3-105 patch (Available)
10.6.2-89 patch (Available)
10.4.1 patch (Available)
Products Confirmed Not Vulnerable
Cisco investigated its product line to determine which products may be affected by these vulnerabilities.
Any product not listed in the Products Under Investigation or Vulnerable Products section of this advisory is to be considered not vulnerable.
Cisco has confirmed that these vulnerabilities do not affect the following Cisco products:
Cable Devices
Cisco GS7000 Nodes
Cisco RF Gateway Series
Cisco Remote PHY 120
Collaboration and Social Media
Cisco SocialMiner
Endpoint Clients and Client Software
Cisco AnyConnect Secure Mobility Client
Cisco Jabber Guest
Cisco Jabber
Cisco Secure Endpoint, formerly Cisco Advanced Malware Protection for Endpoints
Cisco Webex App
Meraki Products
Cisco Meraki Go Series
Cisco Meraki MR Series Cloud-Managed Wireless Access Points
Cisco Meraki MS Series Switches
Cisco Meraki MT Series Sensors
Cisco Meraki MV Series Cloud-Managed Smart Cameras
Cisco Meraki MX Series Cloud-Managed Security and SD-WAN
Cisco Meraki Systems Manager (SM)
Cisco Meraki Z-Series Cloud-Managed Teleworker Gateway
Network Application, Service, and Acceleration
Cisco Cloud Services Platform 2100
Cisco Cloud Services Platform 5000 Series
Cisco Nexus Dashboard Data Broker
Cisco Tetration Analytics
Cisco Wide Area Application Services (WAAS)
ConfD
Network and Content Security Devices
Cisco AMP Virtual Private Cloud Appliance
Cisco Adaptive Security Appliance (ASA) Software
Cisco Adaptive Security Device Manager
Cisco Adaptive Security Virtual Appliance (ASAv)
Cisco Advanced Web Security Reporting Application
Cisco Email Security Appliance (ESA)
Cisco FXOS Firepower Chassis Manager
Cisco Firepower Management Center
Cisco Firepower Next-Generation Intrusion Prevention System (NGIPS)
Cisco Firepower Threat Defense (FTD) managed by Cisco Firepower Management Center
Cisco Secure Email Encryption Add-in
Cisco Secure Email Encryption Plugin for Outlook
Cisco Secure Email Security Plugin for Outlook
Cisco Secure Email and Web Manager, formerly Cisco Content Security Management Appliance (SMA)
Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, Advanced Host Group Automation (AHGA)
Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, Flow Adapter
Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, Network Forensics Automation (NFA)
Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, Proxy Adapter
Cisco Secure Network Analytics, formerly Stealthwatch
Cisco Secure Services Proxy (CSSP)
Cisco Security Malware Analytics Appliance, formerly Cisco Threat Grid Appliance
Cisco Security Manager
Cisco Web Security Appliance (WSA)
Network Management and Provisioning
Cisco ACI Multi-Site Orchestrator
Cisco CloudCenter Action Orchestrator
Cisco Connected Grid Device Manager
Cisco Container Platform
Cisco Crosswork Change Automation
Cisco Crosswork Health Insights
Cisco Crosswork Service Health
Cisco Elastic Services Controller (ESC)
Cisco Intelligent Node (iNode) Manager
Cisco Intersight Mobile App
Cisco IoT Field Network Director, formerly Cisco Connected Grid Network Management System
Cisco Modeling Labs
Cisco NCS 2000 Shelf Virtualization Orchestrator
Cisco Optical Network Planner
Cisco Policy Suite
Cisco Prime Access Registrar
Cisco Prime Cable Provisioning
Cisco Prime Central for Service Providers
Cisco Prime Collaboration Assurance
Cisco Prime Collaboration Deployment
Cisco Prime Collaboration Provisioning
Cisco Prime IP Express
Cisco Prime Infrastructure
Cisco Prime License Manager
Cisco Prime Network Registrar
Cisco Prime Network
Cisco Prime Optical for Service Providers
Cisco Prime Performance Manager
Cisco Prime Provisioning
Cisco Process Orchestrator
Cisco Smart Software Manager On-Prem
Cisco Telemetry Broker
Routing and Switching - Enterprise and Service Provider
Cisco ACI Virtual Edge
Cisco ASR 5000 Series Routers
Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM)
Cisco Enterprise NFV Infrastructure Software (NFVIS)
Cisco GGSN Gateway GPRS Support Node
Cisco IOS XR Software
Cisco IOS and IOS XE Software
Cisco IP Services Gateway (IPSG)
Cisco MDS 9000 Series Multilayer Switches
Cisco MME Mobility Management Entity
Cisco Mobility Unified Reporting and Analytics System
Cisco Network Convergence System 2000 Series
Cisco Nexus 3000 Series Switches
Cisco Nexus 5500 Platform Switches
Cisco Nexus 5600 Platform Switches
Cisco Nexus 6000 Series Switches
Cisco Nexus 7000 Series Switches
Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
Cisco Nexus 9000 Series Switches in standalone NX-OS mode
Cisco ONS 15454 Series Multiservice Provisioning Platforms
Cisco PDSN/HA Packet Data Serving Node and Home Agent
Cisco PGW Packet Data Network Gateway
Cisco SD-WAN vBond Controller Software
Cisco SD-WAN vEdge 100 Series Routers
Cisco SD-WAN vEdge 1000 Series Routers
Cisco SD-WAN vEdge 2000 Series Routers
Cisco SD-WAN vEdge 5000 Series Routers
Cisco SD-WAN vEdge Cloud Router Platform
Cisco SD-WAN vSmart Controller Software
Cisco System Architecture Evolution Gateway (SAEGW)
Cisco Ultra Cloud Core - Access and Mobility Management Function
Cisco Ultra Cloud Core - Policy Control Function
Cisco Ultra Cloud Core - Redundancy Configuration Manager
Cisco Ultra Cloud Core - Session Management Function
Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure
Cisco Ultra Packet Core
Cisco Ultra Services Platform
Routing and Switching - Small Business
Cisco 220 Series Smart Plus Switches
Cisco 250 Series Smart Switches
Cisco 350 Series Managed Switches
Cisco 550 Series Stackable Managed Switches
Cisco Business 220 Series Smart Switches
Cisco Business 250 Series Smart Switches
Cisco Business 350 Series Managed Switches
Cisco Business Dashboard
Cisco RV110W Wireless-N VPN Firewall
Cisco RV130 VPN Router
Cisco RV130W Wireless-N Multifunction VPN Router
Cisco RV132W ADSL2+ Wireless-N VPN Router
Cisco RV134W VDSL2 Wireless-AC VPN Router
Cisco RV160 VPN Router
Cisco RV160W Wireless-AC VPN Router
Cisco RV215W Wireless-N VPN Router
Cisco RV260 VPN Routers
Cisco RV260P VPN Router with PoE
Cisco RV260W Wireless-AC VPN Router
Cisco RV320 Dual Gigabit WAN VPN Router
Cisco RV325 Dual Gigabit WAN VPN Router
Cisco RV340 Dual WAN Gigabit VPN Router
Cisco RV340W Dual WAN Gigabit Wireless-AC VPN Router
Cisco RV345 Dual WAN Gigabit VPN Router
Cisco RV345P Dual WAN Gigabit POE VPN Router
Cisco Small Business 200 Series Smart Switches
Cisco Small Business 300 Series Managed Switches
Cisco Small Business 500 Series Stackable Managed Switches
Cisco WAP125 Wireless-AC Dual Band Desktop Access Point with PoE
Cisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE
Cisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE
Cisco WAP371 Wireless-AC/N Radio Access Point with Single Point Setup
Cisco WAP571 Wireless-AC/N Premium Dual Radio Access Point with PoE
Cisco WAP571E Wireless-AC/N Premium Dual Radio Outdoor Access Point
Cisco WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN
Unified Computing
Cisco 5000 Series Enterprise Network Compute System (ENCS)
Cisco HyperFlex System
Cisco Hyperflex Storage Replication Adapter
Cisco UCS C-Series Rack Servers and S-Series Storage Servers - Integrated Management Controller (CIMC)
Cisco UCS E-Series Servers
Cisco UCS Manager
Voice and Unified Communications Devices
Cisco Headset 500 and 700 Series
Cisco Hosted Collaboration Mediation Fulfillment
Cisco IP Phones with Multiplatform Firmware
Cisco IP Phones
Cisco TelePresence Endpoints
Cisco Unified Attendant Console Advanced
Cisco Unified Attendant Console Business Edition
Cisco Unified Attendant Console Department Edition
Cisco Unified Attendant Console Enterprise Edition
Cisco Unified Attendant Console Premium Edition
Cisco Unified Communications Domain Manager
Cisco Unity Express
Cisco Webex Devices
Cisco Webex Hybrid Data Security Node
Cisco Webex Video Mesh
Video, Streaming, TelePresence, and Transcoding Devices
Cisco Expressway Series
Cisco Meeting Management (CMM)
Cisco Meeting Server
Cisco TelePresence Management Suite
Cisco TelePresence Video Communication Server (VCS)
Cisco Video Surveillance Media Server
Wireless
Cisco AireOS Wireless LAN Controllers
Cisco Aironet Access Points
Cisco Business 100 and 200 Series Access Points
Cisco Business Wireless
Cisco Catalyst 9100 Series Access Points
Cisco Catalyst 9800 Series Wireless Controllers
Cisco IOS Access Points
Cisco Mobility Services Engine
Cisco Ultra-Reliable Wireless Backhaul
Cisco Cloud Offerings
Cisco investigated its cloud offerings to determine which products may be affected by these vulnerabilities. The following table lists Cisco cloud offerings that were part of this investigation.
Product CVE-2021-44228 CVE-2021-45046 AppDynamics Remediated - service-specific details ["https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability"] Remediated - service-specific details ["https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability"] AppDynamics with Cisco Secure Application Remediated - service-specific details ["https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability"] Remediated - service-specific details ["https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability"] Cisco Cloud Email Security Not vulnerable Not vulnerable Cisco Cloudlock Remediated Remediated Cisco Cloudlock for Government Remediated Remediated Cisco Cognitive Intelligence Not vulnerable Not vulnerable Cisco Collaboration Experience Service (CES) Not vulnerable Not vulnerable Cisco Collaboration Experience Service Management (CESM) Not vulnerable Not vulnerable Cisco Crosswork Cloud Not vulnerable Not vulnerable Cisco CX Cloud Remediated Remediated Cisco Defense Orchestrator Not vulnerable Not vulnerable Cisco DNA Spaces Remediated Remediated Cisco Intersight Remediated Remediated Cisco IoT Control Center Remediated Remediated Cisco IoT Operations Dashboard Remediated Remediated Cisco Kinetic for Cities Remediated Remediated Cisco Kinetic Gateway Management Module Remediated Remediated Cisco Managed Services Accelerator (MSX) Remediated Remediated Cisco Placetel Not vulnerable Not vulnerable Cisco PX Cloud Remediated Remediated Cisco SD-WAN Cloud Remediated Remediated Cisco SD-WAN vAnalytics Not vulnerable Not vulnerable Cisco Secure Application (integrated with AppDynamics) Not vulnerable ["https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability"] Not vulnerable ["https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability"] Cisco Secure Cloud Analytics, formerly Cisco Stealthwatch Cloud Not vulnerable Not vulnerable Cisco Secure Cloud Insights Not vulnerable Not vulnerable Cisco Secure Email Cloud Mailbox, formerly Cisco Cloud Mailbox Defense Not vulnerable Not vulnerable Cisco Secure Email Encryption Service, formerly Cisco Registered Envelope Service Not vulnerable Not vulnerable Cisco Secure Endpoint, formerly Cisco Advanced Malware Protection for Endpoints Not vulnerable Not vulnerable Cisco Secure Malware Analytics, formerly Cisco Threat Grid Not vulnerable Not vulnerable Cisco SecureX Not vulnerable Not vulnerable Cisco ServiceGrid Not vulnerable Not vulnerable Cisco Smart Net Total Care Remediated Remediated Cisco Umbrella DNS Remediated Remediated Cisco Umbrella SIG Remediated Remediated Cisco Unified Communications Management Cloud - UC Management Remediated Remediated Cisco Unified Communications Manager Cloud Commercial Remediated Remediated Cisco Unified Communications Manager Cloud for Government Remediated Remediated Cisco Webex Calling Remediated Remediated Cisco Webex Calling Carrier Remediated Remediated Cisco Webex Cloud Registered Endpoints Not vulnerable Not vulnerable Cisco Webex Cloud-Connected UC Remediated Remediated Cisco Webex Contact Center Remediated Remediated Cisco Webex Contact Center Enterprise Remediated Remediated Cisco Webex Control Hub Remediated Remediated Cisco Webex Experience Management Not vulnerable Not vulnerable Cisco Webex FedRAMP Remediated Remediated Cisco Webex for Government FedRAMP Remediated Remediated Cisco Webex Meetings Remediated Remediated Cisco Webex Meetings Slow Channel Remediated Remediated Cisco Webex Messaging Remediated Remediated Cisco Webex Site Admin webpage Remediated Remediated Duo Security Remediated Remediated Duo Security for Government Remediated Remediated eSIM Flex Remediated Remediated IMIassist Not vulnerable Not vulnerable IMIcampaign Not vulnerable Not vulnerable IMIconnect Remediated Remediated IMIengage Not vulnerable Not vulnerable IMImessenger/TextLocal Messenger Not vulnerable Not vulnerable IMImobile - Webex Contact Center Integration Remediated Remediated IMInotify Not vulnerable Not vulnerable IMIsocial Not vulnerable Not vulnerable Kenna.AppSec Remediated Remediated Kenna.VI/VI+ Remediated Remediated Kenna.VM Remediated Remediated Meraki Not vulnerable Not vulnerable Partner Supporting Service(PSS) Remediated Remediated Slido Not vulnerable Not vulnerable Smart Call Home(SCH) Remediated Remediated Socio Not vulnerable Not vulnerable ThousandEyes Remediated Remediated UC-One - UMS Not vulnerable Not vulnerable
Workarounds
Any workarounds are documented in the product-specific Cisco bugs, which are identified in the Vulnerable Products ["#vp"] section of this advisory.
Fixed Software
For information about fixed software releases, consult the Cisco bugs identified in the Vulnerable Products ["#vp"] section of this advisory.
When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution.
In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
Vulnerability Policy
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Exploitation and Public Announcements
The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities described in this advisory.
Source
These vulnerabilities were disclosed by the Apache Software Foundation.
Legal Disclaimer
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.
{
"document": {
"acknowledgments": [
{
"summary": "These vulnerabilities were disclosed by the Apache Software Foundation."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"notes": [
{
"category": "summary",
"text": "Critical Vulnerabilities in Apache Log4j Java Logging Library\r\n\r\nOn December 9, 2021, the following critical vulnerability in the Apache Log4j Java logging library affecting all Log4j2 versions earlier than 2.15.0 was disclosed:\r\n\r\nCVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints\r\n\r\nOn December 14, 2021, the following critical vulnerability, which affects certain Apache Log4j use cases in versions 2.15.0 and earlier, was disclosed:\r\n\r\nCVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack\r\n\r\nOn December 18, 2021, a vulnerability in the Apache Log4j component affecting versions 2.16 and earlier was disclosed:\r\n\r\nCVE-2021-45105: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation\r\n\r\nOn December 28, 2021, a vulnerability in the Apache Log4j component affecting versions 2.17 and earlier was disclosed:\r\n\r\nCVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration\r\n\r\nFor a description of these vulnerabilities, see the Apache Log4j Security Vulnerabilities [\"https://logging.apache.org/log4j/2.x/security.html\"] page.\r\n\r\nCisco\u0027s Response to These Vulnerabilities\r\n\r\nCisco assessed all products and services for impact from both CVE-2021-44228 and CVE-2021-45046. To help detect exploitation of these vulnerabilities, Cisco has released Snort rules at the following location: Talos Rules 2021-12-21 [\"https://www.snort.org/advisories/talos-rules-2021-12-21\"]\r\n\r\nProduct fixes that are listed in this advisory will address both CVE-2021-44228 and CVE-2021-45046 unless otherwise noted.\r\n\r\nCisco has reviewed CVE-2021-45105 and CVE-2021-44832 and has determined that no Cisco products or cloud offerings are impacted by these vulnerabilities.\r\n\r\nCisco\u0027s standard practice is to update integrated third-party software components to later versions as they become available.\r\n\r\n",
"title": "Summary"
},
{
"category": "general",
"text": "Cisco investigated its product line to determine which products may be affected by these vulnerabilities.\r\n\r\nThis advisory only lists Cisco products and services that are known to include the impacted software component and thus may be vulnerable. Products and services that do not contain the impacted software component are not vulnerable and therefore are not listed in this advisory. Any Cisco product or service that is not explicitly listed in the Affected Products section of this advisory is not affected by the vulnerability or vulnerabilities described.\r\n\r\nThe Vulnerable Products [\"#vp\"] section includes Cisco bug IDs for each affected product. The bugs are accessible through the Cisco Bug Search Tool and contain additional platform-specific information, including workarounds (if available) and fixed software releases.",
"title": "Affected Products"
},
{
"category": "general",
"text": "Cisco investigated its product line to determine which products may be affected by these vulnerabilities.\r\n\r\nThe following table lists Cisco products that are affected by one or both of the vulnerabilities that are described in this advisory. Customers should refer to the associated Cisco bug(s) for further details.\r\n Product Cisco Bug ID Fixed Release Availability [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"] Collaboration and Social Media Cisco Webex Meetings Server CSCwa47283 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47283\"] CWMS-3.0MR4SP3 patch (21 Dec 2021)\r\nCWMS-4.0MR4SP3 patch (21 Dec 2021)\r\nCWMS-3.0MR4SP2 patch (14 Dec 2021)\r\nCWMS-4.0MR4SP2 patch (14 Dec 2021) Endpoint Clients and Client Software Cisco CX Cloud Agent Software CSCwa47272 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47272\"] 1.12.2 (17 Dec 2021) Network Application, Service, and Acceleration Cisco Call Studio CSCwa54008 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa54008\"] 11.6(2) (23 Dec 2021)\r\n12.0(1) (23 Dec 2021)\r\n12.5(1) (23 Dec 2021)\r\n12.6(1) (23 Dec 2021) Cisco Nexus Insights CSCwa47284 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47284\"] 6.0.2 (17 Dec 2021) Network and Content Security Devices Cisco Firepower Threat Defense (FTD) managed by Firepower Device Manager (FDM) CSCwa46963 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46963\"] 6.2.3 hotfix (Available)\r\n6.4.0 hotfix (Available)\r\n6.6.5 hotfix (Available)\r\n6.7.0 hotfix (Available)\r\n7.0.1 hotfix (Available)\r\n7.1.0 hotfix (Available) Cisco Identity Services Engine (ISE) CSCwa47133 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47133\"] 2.4 hotfix (15 Dec 2021)\r\n2.6 hotfix (15 Dec 2021)\r\n2.7 hotfix (15 Dec 2021)\r\n3.0 hotfix (15 Dec 2021)\r\n3.1 hotfix (17 Dec 2021) Network Management and Provisioning Cisco Application Policy Infrastructure Controller (APIC) - Network Insights Base App CSCwa47295 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47295\"] 4.2(7r) (Available)\r\n5.2(3g) (Available) Cisco Automated Subsea Tuning CSCwa48806 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48806\"] 2.1.0.4 (22 Dec 2021) Cisco Business Process Automation CSCwa47269 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47269\"] 3.0.000.115 (patch) (17 Dec 2021)\r\n3.1.000.044 (patch) (17 Dec 2021)\r\n3.2.000.009 (patch) (17 Dec 2021) Cisco CloudCenter Cost Optimizer CSCwa48074 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48074\"] 5.5.2 (Available) Cisco CloudCenter Suite Admin CSCwa47349 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47349\"] 5.3.1 (Available) Cisco CloudCenter Workload Manager CSCwa47350 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47350\"] 5.5.2 (Available) Cisco CloudCenter CSCwa48832 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48832\"] 4.10.0.16 (22 Dec 2021) Cisco Common Services Platform Collector (CSPC) CSCwa47271 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47271\"] 2.10.0.1 hotfix (Available)\r\n2.9.1.3 hotfix (Available) Cisco Crosswork Data Gateway CSCwa47257 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47257\"] 2.0.2 patch (21 Dec 2021)\r\n3.0.1 patch (21 Dec 2021) Cisco Crosswork Network Controller CSCwa49936 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49936\"] 2.0.1 patch (22 Dec 2021)\r\n3.0.1 patch (22 Dec 2021) Cisco Crosswork Optimization Engine CSCwa49939 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49939\"] 2.0.1 patch (21 Dec 2021)\r\n3.0.1 patch (21 Dec 2021) Cisco Crosswork Platform Infrastructure CSCwa47367 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47367\"] 4.0.1 patch (22 Dec 2021)\r\n4.1.1 patch (22 Dec 2021) Cisco Crosswork Situation Manager CSCwa51878 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa51878\"] 8.0.0.8 patch (21 Dec 2021) Cisco Crosswork Zero Touch Provisioning (ZTP) CSCwa47259 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47259\"] 2.0.1 patch (21 Dec 2021)\r\n3.0.1 patch (21 Dec 2021) Cisco Cyber Vision Sensor Management Extension CSCwa49482 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49482\"] 4.0.3 (22 Dec 2021) Cisco DNA Spaces Connector CSCwa47320 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47320\"] v2.0.588 (Available)\r\nv2.2.12 (Available) Cisco Data Center Network Manager (DCNM) CSCwa47291 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47291\"] 12.0(2f) (Available)\r\n11.5(3) patch (Available)\r\n11.5(2) patch (Available)\r\n11.5(1) patch (Available)\r\n11.4(1) patch (Available)\r\n11.3(1) patch (Available) Cisco Evolved Programmable Network Manager CSCwa47310 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47310\"] 5.1.3.1 patch (22 Dec 2021)\r\n5.0.2.1 patch (13 Jan 2022)\r\n4.1.1.1 patch (13 Jan 2022) Cisco Intersight Virtual Appliance CSCwa47304 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47304\"] 1.0.9-361 (20 Dec 2021) Cisco Network Services Orchestrator (NSO) CSCwa47342 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47342\"] nso-5.3.5.1 (17 Dec 2021)\r\nnso-5.4.5.2 (17 Dec 2021)\r\nnso-5.5.4.1 (17 Dec 2021)\r\nnso-5.6.3.1 (17 Dec 2021) Cisco Nexus Dashboard, formerly Cisco Application Services Engine CSCwa47299 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47299\"] 2.1.2 (23 Dec 2021) Cisco Prime Service Catalog CSCwa47347 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47347\"] 12.1 patch (20 Dec 2021) Cisco Secure Agile Exchange (SAE) Core Function Pack CSCwa52921 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa52921\"] 2.4.1 (14 Jan 2022) Cisco Smart PHY CSCwa50021 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa50021\"] 3.1.4 patch (Available)\r\n3.2.0 patch (Available)\r\n3.2.1 patch (Available)\r\n21.3 patch (21 Jan 2022) Cisco Virtual Topology System (VTS) CSCwa47334 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47334\"] 2.6.7 (22 Dec 2021) Cisco Virtualized Infrastructure Manager CSCwa49924 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49924\"] 3.2.x patch (17 Dec 2021)\r\n3.4.4 patch (17 Dec 2021)\r\n3.4.6 patch (17 Dec 2021)\r\n4.2.0 patch (17 Dec 2021)\r\n4.2.1 patch (17 Dec 2021) Cisco WAN Automation Engine (WAE) CSCwa47369 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47369\"] 7.5.0.1 (22 Dec 2021)\r\n7.4.0.1 (28 Jan 2022)\r\n7.3.0.2 (28 Jan 2022) Routing and Switching - Enterprise and Service Provider Cisco DNA Center CSCwa47322 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47322\"] 2.2.2.8 patch (Available)\r\n2.1.2.8 patch (Available)\r\n2.2.3.4 patch (Available) Cisco IOx Fog Director CSCwa47370 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47370\"] 1.14.5 patch (16 Dec 2021)\r\n1.16.4 patch (Available) Cisco Network Assurance Engine CSCwa47285 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47285\"] 6.0.2 (23 Dec 2021) Cisco Network Convergence System 1004 CSCwa52235 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa52235\"] 7.3.2 SMU/GISO (14 Jan 2022)\r\n7.3.1 SMU (21 Jan 2022) Cisco Optical Network Controller CSCwa48793 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48793\"] 1.1.0 (22 Dec 2021) Cisco SD-WAN vManage CSCwa47745 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47745\"] 20.3.4.1 (Available)\r\n20.6.2.1 (Available)\r\n20.5.1.1 (Available)\r\n20.4.2.1 (Available) Unified Computing Cisco Integrated Management Controller (IMC) Supervisor CSCwa47307 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47307\"] 2.3.2.1 (23 Dec 2021) Cisco UCS Central Software CSCwa47303 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47303\"] 2.0(1p) (22 Dec 2021) Cisco UCS Director CSCwa47288 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47288\"] 6.8.2.0 (23 Dec 2021) Cisco Workload Optimization Manager CSCwa50220 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa50220\"] 3.2.1 patch (Available) Voice and Unified Communications Devices Cisco BroadWorks CSCwa47315 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47315\"] 2021.11_1.162 (13 Dec 2021)\r\nap381882 (15 Dec 2021) Cisco Cloud Connect CSCwa51545 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa51545\"] 12.6(1) (Available) Cisco Contact Center Domain Manager (CCDM) CSCwa47383 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47383\"] 12.5(1) ES6 (Available)\r\n12.6(1) ES3 (Available) Cisco Contact Center Management Portal (CCMP) CSCwa47383 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47383\"] 12.5(1) ES6 (Available)\r\n12.6(1) ES3 (Available) Cisco Emergency Responder CSCwa47391 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47391\"] 11.5(4)SU9 patch (16 Dec 2021)\r\n11.5(4)SU10 patch (16 Dec 2021) Cisco Enterprise Chat and Email CSCwa47392 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47392\"] 12.0(1) patch (Available)\r\n12.5 (1) patch (Available)\r\n12.6(1) patch (Available) Cisco Finesse CSCwa46459 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46459\"] 12.6(1)ES03 (23 Dec 2021) Cisco Packaged Contact Center Enterprise CSCwa47274 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47274\"] 11.6(2) (Available)\r\n12.0(1) (Available)\r\n12.5(1) (Available)\r\n12.6(1) (Available) Cisco Paging Server CSCwa47395 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47395\"] 14.4.2 (21 Dec 2021) Cisco Unified Communications Manager / Cisco Unified Communications Manager Session Management Edition CSCwa47249 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47249\"] 11.5(1)SU7 patch (16 Dec 2021)\r\n11.5(1)SU8 patch (16 Dec 2021)\r\n11.5(1)SU9 patch (16 Dec 2021)\r\n11.5(1)SU10 patch (16 Dec 2021)\r\n11.5(1.18119-2) through 11.5(1.23162-1) patch (16 Dec 2021) Cisco Unified Communications Manager IM \u0026Presence Service CSCwa47393 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47393\"] 11.5(1)SU7 patch (16 Dec 2021)\r\n11.5(1)SU8 patch (16 Dec 2021)\r\n11.5(1)SU9 patch (16 Dec 2021)\r\n11.5(1)SU10 patch (16 Dec 2021)\r\n11.5(1.18900-16) patch (16 Dec 2021)\r\n11.5(1.18901-3) patch (16 Dec 2021) Cisco Unified Contact Center Enterprise - Live Data server CSCwa46810 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46810\"] 11.6(1)ES23 (23 Dec 2021)\r\n12.0(1)ES18 (23 Dec 2021)\r\n12.5(1)ES13 (23 Dec 2021)\r\n12.6(1)ES03 (23 Dec 2021) Cisco Unified Contact Center Enterprise CSCwa47273 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47273\"] 11.6(2) (Available)\r\n12.0(1) (Available)\r\n12.5(1) (Available)\r\n12.6(1) (Available) Cisco Unified Contact Center Express CSCwa47388 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47388\"] 12.5(1)SU1 (23 Dec 2021) Cisco Unified Customer Voice Portal CSCwa47275 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47275\"] 11.6(2) (Available)\r\n12.0(1) (Available)\r\n12.5(1) (Available)\r\n12.6(1) (23 Dec 2021) Cisco Unified Intelligence Center CSCwa46525 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46525\"] 12.6(1) (23 Dec 2021) Cisco Unified SIP Proxy Software CSCwa47265 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47265\"] 10.2.1v2 patch (23 Dec 2021) Cisco Unity Connection CSCwa47387 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47387\"] 11.5(1)SU7 patch (16 Dec 2021)\r\n11.5(1)SU8 patch (16 Dec 2021)\r\n11.5(1)SU9 patch (16 Dec 2021)\r\n11.5(1)SU10 patch (16 Dec 2021)\r\n11.5(1.18119-2) through 11.5(1.23162-1) patch (16 Dec 2021) Cisco Virtualized Voice Browser CSCwa47397 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47397\"] 12.5(1) (Available)\r\n12.6(1) (23 Dec 2021) Cisco Webex Workforce Optimization CSCwa51476 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa51476\"] Product is End of Software Maintenance - No Fixes Planned Video, Streaming, TelePresence, and Transcoding Devices Cisco Video Surveillance Operations Manager CSCwa47360 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47360\"] 7.14.4 patch (Available) Cisco Vision Dynamic Signage Director CSCwa47351 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47351\"] Contact Cisco TAC for a patch\r\n6.4 SP3 (17 Jan 2021) Wireless Cisco Connected Mobile Experiences (CMX) CSCwa47312 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47312\"] 10.6.3-70 patch (Available)\r\n10.6.3-105 patch (Available)\r\n10.6.2-89 patch (Available)\r\n10.4.1 patch (Available)",
"title": "Vulnerable Products"
},
{
"category": "general",
"text": "Cisco investigated its product line to determine which products may be affected by these vulnerabilities.\r\n\r\nAny product not listed in the Products Under Investigation or Vulnerable Products section of this advisory is to be considered not vulnerable.\r\n\r\nCisco has confirmed that these vulnerabilities do not affect the following Cisco products:\r\n\r\nCable Devices\r\n\r\nCisco GS7000 Nodes\r\nCisco RF Gateway Series\r\nCisco Remote PHY 120\r\n\r\nCollaboration and Social Media\r\n\r\nCisco SocialMiner\r\n\r\nEndpoint Clients and Client Software\r\n\r\nCisco AnyConnect Secure Mobility Client\r\nCisco Jabber Guest\r\nCisco Jabber\r\nCisco Secure Endpoint, formerly Cisco Advanced Malware Protection for Endpoints\r\nCisco Webex App\r\n\r\nMeraki Products\r\n\r\nCisco Meraki Go Series\r\nCisco Meraki MR Series Cloud-Managed Wireless Access Points\r\nCisco Meraki MS Series Switches\r\nCisco Meraki MT Series Sensors\r\nCisco Meraki MV Series Cloud-Managed Smart Cameras\r\nCisco Meraki MX Series Cloud-Managed Security and SD-WAN\r\nCisco Meraki Systems Manager (SM)\r\nCisco Meraki Z-Series Cloud-Managed Teleworker Gateway\r\n\r\nNetwork Application, Service, and Acceleration\r\n\r\nCisco Cloud Services Platform 2100\r\nCisco Cloud Services Platform 5000 Series\r\nCisco Nexus Dashboard Data Broker\r\nCisco Tetration Analytics\r\nCisco Wide Area Application Services (WAAS)\r\nConfD\r\n\r\nNetwork and Content Security Devices\r\n\r\nCisco AMP Virtual Private Cloud Appliance\r\nCisco Adaptive Security Appliance (ASA) Software\r\nCisco Adaptive Security Device Manager\r\nCisco Adaptive Security Virtual Appliance (ASAv)\r\nCisco Advanced Web Security Reporting Application\r\nCisco Email Security Appliance (ESA)\r\nCisco FXOS Firepower Chassis Manager\r\nCisco Firepower Management Center\r\nCisco Firepower Next-Generation Intrusion Prevention System (NGIPS)\r\nCisco Firepower Threat Defense (FTD) managed by Cisco Firepower Management Center\r\nCisco Secure Email Encryption Add-in\r\nCisco Secure Email Encryption Plugin for Outlook\r\nCisco Secure Email Security Plugin for Outlook\r\nCisco Secure Email and Web Manager, formerly Cisco Content Security Management Appliance (SMA)\r\nCisco Secure Network Analytics, formerly Stealthwatch Enterprise, Advanced Host Group Automation (AHGA)\r\nCisco Secure Network Analytics, formerly Stealthwatch Enterprise, Flow Adapter\r\nCisco Secure Network Analytics, formerly Stealthwatch Enterprise, Network Forensics Automation (NFA)\r\nCisco Secure Network Analytics, formerly Stealthwatch Enterprise, Proxy Adapter\r\nCisco Secure Network Analytics, formerly Stealthwatch\r\nCisco Secure Services Proxy (CSSP)\r\nCisco Security Malware Analytics Appliance, formerly Cisco Threat Grid Appliance\r\nCisco Security Manager\r\nCisco Web Security Appliance (WSA)\r\n\r\nNetwork Management and Provisioning\r\n\r\nCisco ACI Multi-Site Orchestrator\r\nCisco CloudCenter Action Orchestrator\r\nCisco Connected Grid Device Manager\r\nCisco Container Platform\r\nCisco Crosswork Change Automation\r\nCisco Crosswork Health Insights\r\nCisco Crosswork Service Health\r\nCisco Elastic Services Controller (ESC)\r\nCisco Intelligent Node (iNode) Manager\r\nCisco Intersight Mobile App\r\nCisco IoT Field Network Director, formerly Cisco Connected Grid Network Management System\r\nCisco Modeling Labs\r\nCisco NCS 2000 Shelf Virtualization Orchestrator\r\nCisco Optical Network Planner\r\nCisco Policy Suite\r\nCisco Prime Access Registrar\r\nCisco Prime Cable Provisioning\r\nCisco Prime Central for Service Providers\r\nCisco Prime Collaboration Assurance\r\nCisco Prime Collaboration Deployment\r\nCisco Prime Collaboration Provisioning\r\nCisco Prime IP Express\r\nCisco Prime Infrastructure\r\nCisco Prime License Manager\r\nCisco Prime Network Registrar\r\nCisco Prime Network\r\nCisco Prime Optical for Service Providers\r\nCisco Prime Performance Manager\r\nCisco Prime Provisioning\r\nCisco Process Orchestrator\r\nCisco Smart Software Manager On-Prem\r\nCisco Telemetry Broker\r\n\r\nRouting and Switching - Enterprise and Service Provider\r\n\r\nCisco ACI Virtual Edge\r\nCisco ASR 5000 Series Routers\r\nCisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM)\r\nCisco Enterprise NFV Infrastructure Software (NFVIS)\r\nCisco GGSN Gateway GPRS Support Node\r\nCisco IOS XR Software\r\nCisco IOS and IOS XE Software\r\nCisco IP Services Gateway (IPSG)\r\nCisco MDS 9000 Series Multilayer Switches\r\nCisco MME Mobility Management Entity\r\nCisco Mobility Unified Reporting and Analytics System\r\nCisco Network Convergence System 2000 Series\r\nCisco Nexus 3000 Series Switches\r\nCisco Nexus 5500 Platform Switches\r\nCisco Nexus 5600 Platform Switches\r\nCisco Nexus 6000 Series Switches\r\nCisco Nexus 7000 Series Switches\r\nCisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode\r\nCisco Nexus 9000 Series Switches in standalone NX-OS mode\r\nCisco ONS 15454 Series Multiservice Provisioning Platforms\r\nCisco PDSN/HA Packet Data Serving Node and Home Agent\r\nCisco PGW Packet Data Network Gateway\r\nCisco SD-WAN vBond Controller Software\r\nCisco SD-WAN vEdge 100 Series Routers\r\nCisco SD-WAN vEdge 1000 Series Routers\r\nCisco SD-WAN vEdge 2000 Series Routers\r\nCisco SD-WAN vEdge 5000 Series Routers\r\nCisco SD-WAN vEdge Cloud Router Platform\r\nCisco SD-WAN vSmart Controller Software\r\nCisco System Architecture Evolution Gateway (SAEGW)\r\nCisco Ultra Cloud Core - Access and Mobility Management Function\r\nCisco Ultra Cloud Core - Policy Control Function\r\nCisco Ultra Cloud Core - Redundancy Configuration Manager\r\nCisco Ultra Cloud Core - Session Management Function\r\nCisco Ultra Cloud Core - Subscriber Microservices Infrastructure\r\nCisco Ultra Packet Core\r\nCisco Ultra Services Platform\r\n\r\nRouting and Switching - Small Business\r\n\r\nCisco 220 Series Smart Plus Switches\r\nCisco 250 Series Smart Switches\r\nCisco 350 Series Managed Switches\r\nCisco 550 Series Stackable Managed Switches\r\nCisco Business 220 Series Smart Switches\r\nCisco Business 250 Series Smart Switches\r\nCisco Business 350 Series Managed Switches\r\nCisco Business Dashboard\r\nCisco RV110W Wireless-N VPN Firewall\r\nCisco RV130 VPN Router\r\nCisco RV130W Wireless-N Multifunction VPN Router\r\nCisco RV132W ADSL2+ Wireless-N VPN Router\r\nCisco RV134W VDSL2 Wireless-AC VPN Router\r\nCisco RV160 VPN Router\r\nCisco RV160W Wireless-AC VPN Router\r\nCisco RV215W Wireless-N VPN Router\r\nCisco RV260 VPN Routers\r\nCisco RV260P VPN Router with PoE\r\nCisco RV260W Wireless-AC VPN Router\r\nCisco RV320 Dual Gigabit WAN VPN Router\r\nCisco RV325 Dual Gigabit WAN VPN Router\r\nCisco RV340 Dual WAN Gigabit VPN Router\r\nCisco RV340W Dual WAN Gigabit Wireless-AC VPN Router\r\nCisco RV345 Dual WAN Gigabit VPN Router\r\nCisco RV345P Dual WAN Gigabit POE VPN Router\r\nCisco Small Business 200 Series Smart Switches\r\nCisco Small Business 300 Series Managed Switches\r\nCisco Small Business 500 Series Stackable Managed Switches\r\nCisco WAP125 Wireless-AC Dual Band Desktop Access Point with PoE\r\nCisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE\r\nCisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE\r\nCisco WAP371 Wireless-AC/N Radio Access Point with Single Point Setup\r\nCisco WAP571 Wireless-AC/N Premium Dual Radio Access Point with PoE\r\nCisco WAP571E Wireless-AC/N Premium Dual Radio Outdoor Access Point\r\nCisco WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN\r\n\r\nUnified Computing\r\n\r\nCisco 5000 Series Enterprise Network Compute System (ENCS)\r\nCisco HyperFlex System\r\nCisco Hyperflex Storage Replication Adapter\r\nCisco UCS C-Series Rack Servers and S-Series Storage Servers - Integrated Management Controller (CIMC)\r\nCisco UCS E-Series Servers\r\nCisco UCS Manager\r\n\r\nVoice and Unified Communications Devices\r\n\r\nCisco Headset 500 and 700 Series\r\nCisco Hosted Collaboration Mediation Fulfillment\r\nCisco IP Phones with Multiplatform Firmware\r\nCisco IP Phones\r\nCisco TelePresence Endpoints\r\nCisco Unified Attendant Console Advanced\r\nCisco Unified Attendant Console Business Edition\r\nCisco Unified Attendant Console Department Edition\r\nCisco Unified Attendant Console Enterprise Edition\r\nCisco Unified Attendant Console Premium Edition\r\nCisco Unified Communications Domain Manager\r\nCisco Unity Express\r\nCisco Webex Devices\r\nCisco Webex Hybrid Data Security Node\r\nCisco Webex Video Mesh\r\n\r\nVideo, Streaming, TelePresence, and Transcoding Devices\r\n\r\nCisco Expressway Series\r\nCisco Meeting Management (CMM)\r\nCisco Meeting Server\r\nCisco TelePresence Management Suite\r\nCisco TelePresence Video Communication Server (VCS)\r\nCisco Video Surveillance Media Server\r\n\r\nWireless\r\n\r\nCisco AireOS Wireless LAN Controllers\r\nCisco Aironet Access Points\r\nCisco Business 100 and 200 Series Access Points\r\nCisco Business Wireless\r\nCisco Catalyst 9100 Series Access Points\r\nCisco Catalyst 9800 Series Wireless Controllers\r\nCisco IOS Access Points\r\nCisco Mobility Services Engine\r\nCisco Ultra-Reliable Wireless Backhaul\r\n Cisco Cloud Offerings\r\nCisco investigated its cloud offerings to determine which products may be affected by these vulnerabilities. The following table lists Cisco cloud offerings that were part of this investigation.\r\n\r\n Product CVE-2021-44228 CVE-2021-45046 AppDynamics Remediated - service-specific details [\"https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability\"] Remediated - service-specific details [\"https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability\"] AppDynamics with Cisco Secure Application Remediated - service-specific details [\"https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability\"] Remediated - service-specific details [\"https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability\"] Cisco Cloud Email Security Not vulnerable Not vulnerable Cisco Cloudlock Remediated Remediated Cisco Cloudlock for Government Remediated Remediated Cisco Cognitive Intelligence Not vulnerable Not vulnerable Cisco Collaboration Experience Service (CES) Not vulnerable Not vulnerable Cisco Collaboration Experience Service Management (CESM) Not vulnerable Not vulnerable Cisco Crosswork Cloud Not vulnerable Not vulnerable Cisco CX Cloud Remediated Remediated Cisco Defense Orchestrator Not vulnerable Not vulnerable Cisco DNA Spaces Remediated Remediated Cisco Intersight Remediated Remediated Cisco IoT Control Center Remediated Remediated Cisco IoT Operations Dashboard Remediated Remediated Cisco Kinetic for Cities Remediated Remediated Cisco Kinetic Gateway Management Module Remediated Remediated Cisco Managed Services Accelerator (MSX) Remediated Remediated Cisco Placetel Not vulnerable Not vulnerable Cisco PX Cloud Remediated Remediated Cisco SD-WAN Cloud Remediated Remediated Cisco SD-WAN vAnalytics Not vulnerable Not vulnerable Cisco Secure Application (integrated with AppDynamics) Not vulnerable [\"https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability\"] Not vulnerable [\"https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability\"] Cisco Secure Cloud Analytics, formerly Cisco Stealthwatch Cloud Not vulnerable Not vulnerable Cisco Secure Cloud Insights Not vulnerable Not vulnerable Cisco Secure Email Cloud Mailbox, formerly Cisco Cloud Mailbox Defense Not vulnerable Not vulnerable Cisco Secure Email Encryption Service, formerly Cisco Registered Envelope Service Not vulnerable Not vulnerable Cisco Secure Endpoint, formerly Cisco Advanced Malware Protection for Endpoints Not vulnerable Not vulnerable Cisco Secure Malware Analytics, formerly Cisco Threat Grid Not vulnerable Not vulnerable Cisco SecureX Not vulnerable Not vulnerable Cisco ServiceGrid Not vulnerable Not vulnerable Cisco Smart Net Total Care Remediated Remediated Cisco Umbrella DNS Remediated Remediated Cisco Umbrella SIG Remediated Remediated Cisco Unified Communications Management Cloud - UC Management Remediated Remediated Cisco Unified Communications Manager Cloud Commercial Remediated Remediated Cisco Unified Communications Manager Cloud for Government Remediated Remediated Cisco Webex Calling Remediated Remediated Cisco Webex Calling Carrier Remediated Remediated Cisco Webex Cloud Registered Endpoints Not vulnerable Not vulnerable Cisco Webex Cloud-Connected UC Remediated Remediated Cisco Webex Contact Center Remediated Remediated Cisco Webex Contact Center Enterprise Remediated Remediated Cisco Webex Control Hub Remediated Remediated Cisco Webex Experience Management Not vulnerable Not vulnerable Cisco Webex FedRAMP Remediated Remediated Cisco Webex for Government FedRAMP Remediated Remediated Cisco Webex Meetings Remediated Remediated Cisco Webex Meetings Slow Channel Remediated Remediated Cisco Webex Messaging Remediated Remediated Cisco Webex Site Admin webpage Remediated Remediated Duo Security Remediated Remediated Duo Security for Government Remediated Remediated eSIM Flex Remediated Remediated IMIassist Not vulnerable Not vulnerable IMIcampaign Not vulnerable Not vulnerable IMIconnect Remediated Remediated IMIengage Not vulnerable Not vulnerable IMImessenger/TextLocal Messenger Not vulnerable Not vulnerable IMImobile - Webex Contact Center Integration Remediated Remediated IMInotify Not vulnerable Not vulnerable IMIsocial Not vulnerable Not vulnerable Kenna.AppSec Remediated Remediated Kenna.VI/VI+ Remediated Remediated Kenna.VM Remediated Remediated Meraki Not vulnerable Not vulnerable Partner Supporting Service(PSS) Remediated Remediated Slido Not vulnerable Not vulnerable Smart Call Home(SCH) Remediated Remediated Socio Not vulnerable Not vulnerable ThousandEyes Remediated Remediated UC-One - UMS Not vulnerable Not vulnerable",
"title": "Products Confirmed Not Vulnerable"
},
{
"category": "general",
"text": "Any workarounds are documented in the product-specific Cisco bugs, which are identified in the Vulnerable Products [\"#vp\"] section of this advisory.",
"title": "Workarounds"
},
{
"category": "general",
"text": "For information about fixed software releases, consult the Cisco bugs identified in the Vulnerable Products [\"#vp\"] section of this advisory.\r\n\r\nWhen considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.",
"title": "Fixed Software"
},
{
"category": "general",
"text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
"title": "Vulnerability Policy"
},
{
"category": "general",
"text": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities described in this advisory.",
"title": "Exploitation and Public Announcements"
},
{
"category": "general",
"text": "These vulnerabilities were disclosed by the Apache Software Foundation.",
"title": "Source"
},
{
"category": "legal_disclaimer",
"text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
"title": "Legal Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@cisco.com",
"issuing_authority": "Cisco PSIRT",
"name": "Cisco",
"namespace": "https://wwww.cisco.com"
},
"references": [
{
"category": "self",
"summary": "Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"category": "external",
"summary": "Cisco Security Vulnerability Policy",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
},
{
"category": "external",
"summary": "Apache Log4j Security Vulnerabilities",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "Talos Rules 2021-12-21",
"url": "https://www.snort.org/advisories/talos-rules-2021-12-21"
},
{
"category": "external",
"summary": "Fixed Release Availability",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
},
{
"category": "external",
"summary": "CSCwa47283",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47283"
},
{
"category": "external",
"summary": "CSCwa47272",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47272"
},
{
"category": "external",
"summary": "CSCwa54008",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa54008"
},
{
"category": "external",
"summary": "CSCwa47284",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47284"
},
{
"category": "external",
"summary": "CSCwa46963",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46963"
},
{
"category": "external",
"summary": "CSCwa47133",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47133"
},
{
"category": "external",
"summary": "CSCwa47295",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47295"
},
{
"category": "external",
"summary": "CSCwa48806",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48806"
},
{
"category": "external",
"summary": "CSCwa47269",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47269"
},
{
"category": "external",
"summary": "CSCwa48074",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48074"
},
{
"category": "external",
"summary": "CSCwa47349",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47349"
},
{
"category": "external",
"summary": "CSCwa47350",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47350"
},
{
"category": "external",
"summary": "CSCwa48832",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48832"
},
{
"category": "external",
"summary": "CSCwa47271",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47271"
},
{
"category": "external",
"summary": "CSCwa47257",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47257"
},
{
"category": "external",
"summary": "CSCwa49936",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49936"
},
{
"category": "external",
"summary": "CSCwa49939",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49939"
},
{
"category": "external",
"summary": "CSCwa47367",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47367"
},
{
"category": "external",
"summary": "CSCwa51878",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa51878"
},
{
"category": "external",
"summary": "CSCwa47259",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47259"
},
{
"category": "external",
"summary": "CSCwa49482",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49482"
},
{
"category": "external",
"summary": "CSCwa47320",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47320"
},
{
"category": "external",
"summary": "CSCwa47291",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47291"
},
{
"category": "external",
"summary": "CSCwa47310",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47310"
},
{
"category": "external",
"summary": "CSCwa47304",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47304"
},
{
"category": "external",
"summary": "CSCwa47342",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47342"
},
{
"category": "external",
"summary": "CSCwa47299",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47299"
},
{
"category": "external",
"summary": "CSCwa47347",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47347"
},
{
"category": "external",
"summary": "CSCwa52921",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa52921"
},
{
"category": "external",
"summary": "CSCwa50021",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa50021"
},
{
"category": "external",
"summary": "CSCwa47334",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47334"
},
{
"category": "external",
"summary": "CSCwa49924",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa49924"
},
{
"category": "external",
"summary": "CSCwa47369",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47369"
},
{
"category": "external",
"summary": "CSCwa47322",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47322"
},
{
"category": "external",
"summary": "CSCwa47370",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47370"
},
{
"category": "external",
"summary": "CSCwa47285",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47285"
},
{
"category": "external",
"summary": "CSCwa52235",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa52235"
},
{
"category": "external",
"summary": "CSCwa48793",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa48793"
},
{
"category": "external",
"summary": "CSCwa47745",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47745"
},
{
"category": "external",
"summary": "CSCwa47307",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47307"
},
{
"category": "external",
"summary": "CSCwa47303",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47303"
},
{
"category": "external",
"summary": "CSCwa47288",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47288"
},
{
"category": "external",
"summary": "CSCwa50220",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa50220"
},
{
"category": "external",
"summary": "CSCwa47315",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47315"
},
{
"category": "external",
"summary": "CSCwa51545",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa51545"
},
{
"category": "external",
"summary": "CSCwa47383",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47383"
},
{
"category": "external",
"summary": "CSCwa47391",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47391"
},
{
"category": "external",
"summary": "CSCwa47392",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47392"
},
{
"category": "external",
"summary": "CSCwa46459",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46459"
},
{
"category": "external",
"summary": "CSCwa47274",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47274"
},
{
"category": "external",
"summary": "CSCwa47395",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47395"
},
{
"category": "external",
"summary": "CSCwa47249",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47249"
},
{
"category": "external",
"summary": "CSCwa47393",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47393"
},
{
"category": "external",
"summary": "CSCwa46810",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46810"
},
{
"category": "external",
"summary": "CSCwa47273",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47273"
},
{
"category": "external",
"summary": "CSCwa47388",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47388"
},
{
"category": "external",
"summary": "CSCwa47275",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47275"
},
{
"category": "external",
"summary": "CSCwa46525",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa46525"
},
{
"category": "external",
"summary": "CSCwa47265",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47265"
},
{
"category": "external",
"summary": "CSCwa47387",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47387"
},
{
"category": "external",
"summary": "CSCwa47397",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47397"
},
{
"category": "external",
"summary": "CSCwa51476",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa51476"
},
{
"category": "external",
"summary": "CSCwa47360",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47360"
},
{
"category": "external",
"summary": "CSCwa47351",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47351"
},
{
"category": "external",
"summary": "CSCwa47312",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47312"
},
{
"category": "external",
"summary": "Remediated - service-specific details",
"url": "https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability"
}
],
"title": "Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"tracking": {
"current_release_date": "2022-01-31T21:16:10+00:00",
"generator": {
"date": "2024-05-10T23:12:04+00:00",
"engine": {
"name": "TVCE"
}
},
"id": "cisco-sa-apache-log4j-qRuKNEbd",
"initial_release_date": "2021-12-10T18:45:00+00:00",
"revision_history": [
{
"date": "2021-12-10T18:49:19+00:00",
"number": "1.0.0",
"summary": "Initial public release."
},
{
"date": "2021-12-10T20:58:15+00:00",
"number": "1.1.0",
"summary": "Added Snort rule link."
},
{
"date": "2021-12-11T00:58:43+00:00",
"number": "1.2.0",
"summary": "Added Products Under Investigation."
},
{
"date": "2021-12-11T19:15:38+00:00",
"number": "1.3.0",
"summary": "Indicated advisory update schedule. Updated the vulnerable products and products confirmed not vulnerable."
},
{
"date": "2021-12-11T23:12:24+00:00",
"number": "1.4.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-12T15:01:39+00:00",
"number": "1.5.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-12T18:11:59+00:00",
"number": "1.6.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-12T19:02:40+00:00",
"number": "1.7.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-12T23:05:52+00:00",
"number": "1.8.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-13T15:31:38+00:00",
"number": "1.9.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-13T20:34:26+00:00",
"number": "1.10.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-13T23:43:56+00:00",
"number": "1.11.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-14T15:42:33+00:00",
"number": "1.12.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-14T19:36:34+00:00",
"number": "1.13.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-14T23:57:07+00:00",
"number": "1.14.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-15T15:08:09+00:00",
"number": "1.15.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-15T19:27:33+00:00",
"number": "1.16.0",
"summary": "Updated the summary, products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-15T23:51:35+00:00",
"number": "1.17.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-16T15:22:33+00:00",
"number": "1.18.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-16T19:07:05+00:00",
"number": "1.19.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-16T23:12:10+00:00",
"number": "1.20.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-17T19:02:40+00:00",
"number": "1.21.0",
"summary": "Updated the summary, products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-18T00:07:30+00:00",
"number": "1.22.0",
"summary": "Updated the products under investigation, vulnerable products, and products confirmed not vulnerable."
},
{
"date": "2021-12-19T16:29:55+00:00",
"number": "1.23.0",
"summary": "Updated summary and products under investigation."
},
{
"date": "2021-12-20T20:29:03+00:00",
"number": "1.24.0",
"summary": "Updated vulnerable products and products confirmed not vulnerable."
},
{
"date": "2021-12-21T20:55:00+00:00",
"number": "1.25.0",
"summary": "Updated vulnerable products and products confirmed not vulnerable."
},
{
"date": "2021-12-22T20:47:44+00:00",
"number": "1.26.0",
"summary": "Updated vulnerable products and products confirmed not vulnerable. Updated the summary to indicate that no Cisco products are affected by CVE-2021-45105."
},
{
"date": "2021-12-22T22:58:15+00:00",
"number": "1.27.0",
"summary": "Updated vulnerable products."
},
{
"date": "2022-01-06T23:16:04+00:00",
"number": "1.28.0",
"summary": "Updated summary and vulnerable products."
},
{
"date": "2022-01-07T18:00:53+00:00",
"number": "1.29.0",
"summary": "Updated vulnerable products."
},
{
"date": "2022-01-10T18:01:02+00:00",
"number": "1.30.0",
"summary": "Updated vulnerable products."
},
{
"date": "2022-01-11T20:28:32+00:00",
"number": "1.31.0",
"summary": "Updated products confirmed not vulnerable."
},
{
"date": "2022-01-31T21:16:10+00:00",
"number": "1.32.0",
"summary": "Updated vulnerable products."
}
],
"status": "final",
"version": "1.32.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_family",
"name": "Cisco Unified Communications Manager IM and Presence Service",
"product": {
"name": "Cisco Unified Communications Manager IM and Presence Service ",
"product_id": "CSAFPID-189784"
}
},
{
"category": "product_family",
"name": "Cisco Evolved Programmable Network Manager (EPNM)",
"product": {
"name": "Cisco Evolved Programmable Network Manager (EPNM) ",
"product_id": "CSAFPID-213688"
}
},
{
"category": "product_family",
"name": "Cisco Network Services Orchestrator",
"product": {
"name": "Cisco Network Services Orchestrator ",
"product_id": "CSAFPID-227765"
}
},
{
"category": "product_family",
"name": "Cisco Unified Communications Manager / Cisco Unity Connection",
"product": {
"name": "Cisco Unified Communications Manager / Cisco Unity Connection ",
"product_id": "CSAFPID-277610"
}
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-213688",
"CSAFPID-227765",
"CSAFPID-277610",
"CSAFPID-189784"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-189784",
"CSAFPID-213688",
"CSAFPID-227765",
"CSAFPID-277610"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-213688",
"CSAFPID-227765",
"CSAFPID-277610",
"CSAFPID-189784"
]
}
],
"title": "vuln-CVE-2021-44832"
},
{
"cve": "CVE-2021-45046",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCwa47310"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCwa56230"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-227765",
"CSAFPID-277610",
"CSAFPID-213688",
"CSAFPID-189784"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-189784",
"CSAFPID-213688",
"CSAFPID-227765",
"CSAFPID-277610"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-227765",
"CSAFPID-277610",
"CSAFPID-213688",
"CSAFPID-189784"
]
}
],
"title": "vuln-CVE-2021-45046"
},
{
"cve": "CVE-2021-44228",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCwa56230"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-277610",
"CSAFPID-189784"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-189784",
"CSAFPID-277610"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-277610",
"CSAFPID-189784"
]
}
],
"title": "Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021"
},
{
"cve": "CVE-2021-45105",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCwa56230"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCwa54650"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCwa47310"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-189784",
"CSAFPID-213688"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-189784",
"CSAFPID-213688"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-189784",
"CSAFPID-213688"
]
}
],
"title": "Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021 (CVE-2021-45105)"
}
]
}
VAR-202112-2011
Vulnerability from variot - Updated: 2024-07-23 21:55Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2. Apache Log4j is a Java-based open source logging tool of the Apache Foundation. Apache Log4j2 2.0-beta7 to 2.17.0 versions have a security vulnerability, which stems from the lack of effective protection and filtering for JDBC Appender and JNDI in the software. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Installation instructions are available from the Fuse product documentation pages:
Fuse 7.8: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications
Fuse 7.9: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch https://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications
Fuse 7.10: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications
The References section of this erratum contains a download link for the update. You must be logged in to download the update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Low: Red Hat JBoss Enterprise Application Platform 7.4.4 security update Advisory ID: RHSA-2022:1297-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://access.redhat.com/errata/RHSA-2022:1297 Issue date: 2022-04-11 CVE Names: CVE-2021-4104 CVE-2021-44832 CVE-2021-45046 CVE-2021-45105 CVE-2022-23302 CVE-2022-23305 CVE-2022-23307 =====================================================================
- Summary:
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat JBoss EAP 7.4 for RHEL 8 - noarch, x86_64
- Description:
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
-
log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)
-
log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)
-
log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)
-
log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
-
log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
-
log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
-
log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
2031667 - CVE-2021-4104 log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender 2032580 - CVE-2021-45046 log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) 2034067 - CVE-2021-45105 log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern 2035951 - CVE-2021-44832 log4j-core: remote code execution via JDBC Appender 2041949 - CVE-2022-23302 log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink 2041959 - CVE-2022-23305 log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender 2041967 - CVE-2022-23307 log4j: Unsafe deserialization flaw in Chainsaw log viewer
- JIRA issues fixed (https://issues.jboss.org/):
JBEAP-22105 - (7.4.z) Upgrade from com.io7m.xom:xom 1.2.10 to xom:xom 1.3.7 JBEAP-22385 - (7.4.z) Upgrade ASM from 7.1 to 9.1 JBEAP-22731 - (7.4.z) Upgrade Artemis from 2.16.0.redhat-00032 to 2.16.0.redhat-00034 JBEAP-22738 - (7.4.z) Upgrade jbossws-cxf from 5.4.2.Final to 5.4.4.Final(Fix UsernameTokenElytronTestCase on SE 17) JBEAP-22819 - [GSS] (7.4.z) HAL-1762 - Aliases are removed from the credential store when passwords are updated from the admin console JBEAP-22839 - GSS Upgrade yasson from 1.0.9.redhat-00001 to 1.0.10.redhat-00001 JBEAP-22864 - (7.4.z) Upgrade HAL from 3.3.8.Final-redhat-00001 to 3.3.9.Final-redhat-00001 JBEAP-22900 - Tracker bug for the EAP 7.4.4 release for RHEL-8 JBEAP-22904 - (7.4.z) Upgrade Hibernate ORM from 5.3.24.Final-redhat-00001 to 5.3.25.Final-redhat-00002 JBEAP-22911 - (7.4.z) Upgrade OpenSSL from 2.1.3.Final-redhat-00001 to 2.2.0.Final-redhat-00001 JBEAP-22912 - (7.4.z) Upgrade OpenSSL Natives from 2.1.0.SP01-redhat-00001 to 2.2.0.Final-redhat-00001 JBEAP-22913 - (7.4.z) Upgrade WildFly Core from 15.0.6.Final-redhat-00003 to 15.0.7.Final-redhat-00001 JBEAP-22935 - (7.4.z) Upgrade jboss-vfs from 3.2.15.Final-redhat-00001 to 3.2.16.Final-redhat-00001 JBEAP-22945 - (7.4.z) Upgrade org.apache.logging.log4j from 2.14.0.redhat-00002 to 2.17.1.redhat-00001 JBEAP-22973 - (7.4.z) Upgrade Elytron from 1.15.9.Final-redhat-00001 to 1.15.11.Final-redhat-00002 JBEAP-23038 - (7.4.z) Upgrade galleon-plugins from 5.1.4.Final to 5.2.6.Final JBEAP-23040 - (7.4.z) Upgrade galleon-plugins in wildfly-core-eap from 5.1.4.Final to 5.2.6.Final JBEAP-23045 - (7.4.z) Upgrade Undertow from 2.2.13.SP2-redhat-00001 to 2.2.16.Final-redhat-0001 JBEAP-23101 - (7.4.z) Upgrade Infinispan from 11.0.12.Final to 11.0.15.Final JBEAP-23105 - (7.4.z) Upgrade Narayana from 5.11.3.Final-redhat-00001 to 5.11.4.Final-redhat-00001 JBEAP-23143 - (7.4.z) Upgrade from org.eclipse.jdt.core.compiler:ecj:4.6.1 to org.eclipse.jdt:ecj:3.26 JBEAP-23177 - (7.4.z) Upgrade XNIO from 3.8.5.SP1-redhat-00001 to 3.8.6.Final-redhat-00001 JBEAP-23323 - GSS WFLY-16112 - Batch JobOperatorService should look for only active job names to stop during suspend JBEAP-23373 - (7.4.z) Upgrade OpenSSL from 2.2.0.Final-redhat-00001 to 2.2.0.Final-redhat-00002 JBEAP-23374 - (7.4.z) Upgrade WildFly Core from 15.0.7.Final-redhat-00001 to 15.0.8.Final-redhat-00001 JBEAP-23375 - (7.4.z) Upgrade OpenSSL Natives from 2.2.0.Final-redhat-00001 to 2.2.0.Final-redhat-00002
- Package List:
Red Hat JBoss EAP 7.4 for RHEL 8:
Source: eap7-activemq-artemis-2.16.0-7.redhat_00034.1.el8eap.src.rpm eap7-ecj-3.26.0-1.redhat_00002.1.el8eap.src.rpm eap7-hal-console-3.3.9-1.Final_redhat_00001.1.el8eap.src.rpm eap7-hibernate-5.3.25-1.Final_redhat_00002.1.el8eap.src.rpm eap7-infinispan-11.0.15-1.Final_redhat_00001.1.el8eap.src.rpm eap7-jboss-server-migration-1.10.0-15.Final_redhat_00014.1.el8eap.src.rpm eap7-jboss-vfs-3.2.16-1.Final_redhat_00001.1.el8eap.src.rpm eap7-jboss-xnio-base-3.8.6-1.Final_redhat_00001.1.el8eap.src.rpm eap7-jbossws-cxf-5.4.4-1.Final_redhat_00001.1.el8eap.src.rpm eap7-log4j-2.17.1-1.redhat_00001.1.el8eap.src.rpm eap7-narayana-5.11.4-1.Final_redhat_00001.1.el8eap.src.rpm eap7-objectweb-asm-9.1.0-1.redhat_00002.1.el8eap.src.rpm eap7-undertow-2.2.16-1.Final_redhat_00001.1.el8eap.src.rpm eap7-wildfly-7.4.4-3.GA_redhat_00011.1.el8eap.src.rpm eap7-wildfly-elytron-1.15.11-1.Final_redhat_00002.1.el8eap.src.rpm eap7-wildfly-openssl-2.2.0-3.Final_redhat_00002.1.el8eap.src.rpm eap7-wildfly-openssl-el8-x86_64-2.2.0-2.Final_redhat_00002.1.el8eap.src.rpm eap7-xom-1.3.7-1.redhat_00001.1.el8eap.src.rpm eap7-yasson-1.0.10-1.redhat_00001.1.el8eap.src.rpm
noarch: eap7-activemq-artemis-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-activemq-artemis-cli-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-activemq-artemis-commons-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-activemq-artemis-core-client-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-activemq-artemis-dto-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-activemq-artemis-hornetq-protocol-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-activemq-artemis-hqclient-protocol-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-activemq-artemis-jdbc-store-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-activemq-artemis-jms-client-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-activemq-artemis-jms-server-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-activemq-artemis-journal-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-activemq-artemis-ra-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-activemq-artemis-selector-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-activemq-artemis-server-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-activemq-artemis-service-extensions-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-activemq-artemis-tools-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm eap7-ecj-3.26.0-1.redhat_00002.1.el8eap.noarch.rpm eap7-hal-console-3.3.9-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-hibernate-5.3.25-1.Final_redhat_00002.1.el8eap.noarch.rpm eap7-hibernate-core-5.3.25-1.Final_redhat_00002.1.el8eap.noarch.rpm eap7-hibernate-entitymanager-5.3.25-1.Final_redhat_00002.1.el8eap.noarch.rpm eap7-hibernate-envers-5.3.25-1.Final_redhat_00002.1.el8eap.noarch.rpm eap7-hibernate-java8-5.3.25-1.Final_redhat_00002.1.el8eap.noarch.rpm eap7-infinispan-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-cachestore-jdbc-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-cachestore-remote-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-client-hotrod-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-commons-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-component-annotations-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-core-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-hibernate-cache-commons-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-hibernate-cache-spi-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-infinispan-hibernate-cache-v53-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-jboss-server-migration-1.10.0-15.Final_redhat_00014.1.el8eap.noarch.rpm eap7-jboss-server-migration-cli-1.10.0-15.Final_redhat_00014.1.el8eap.noarch.rpm eap7-jboss-server-migration-core-1.10.0-15.Final_redhat_00014.1.el8eap.noarch.rpm eap7-jboss-vfs-3.2.16-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-jboss-xnio-base-3.8.6-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-jbossws-cxf-5.4.4-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-log4j-2.17.1-1.redhat_00001.1.el8eap.noarch.rpm eap7-narayana-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-compensations-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-jbosstxbridge-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-jbossxts-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-jts-idlj-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-jts-integration-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-restat-api-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-restat-bridge-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-restat-integration-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-restat-util-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-txframework-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-objectweb-asm-9.1.0-1.redhat_00002.1.el8eap.noarch.rpm eap7-undertow-2.2.16-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-wildfly-7.4.4-3.GA_redhat_00011.1.el8eap.noarch.rpm eap7-wildfly-elytron-1.15.11-1.Final_redhat_00002.1.el8eap.noarch.rpm eap7-wildfly-elytron-tool-1.15.11-1.Final_redhat_00002.1.el8eap.noarch.rpm eap7-wildfly-javadocs-7.4.4-3.GA_redhat_00011.1.el8eap.noarch.rpm eap7-wildfly-modules-7.4.4-3.GA_redhat_00011.1.el8eap.noarch.rpm eap7-wildfly-openssl-2.2.0-3.Final_redhat_00002.1.el8eap.noarch.rpm eap7-wildfly-openssl-java-2.2.0-3.Final_redhat_00002.1.el8eap.noarch.rpm eap7-xom-1.3.7-1.redhat_00001.1.el8eap.noarch.rpm eap7-yasson-1.0.10-1.redhat_00001.1.el8eap.noarch.rpm
x86_64: eap7-wildfly-openssl-el8-x86_64-2.2.0-2.Final_redhat_00002.1.el8eap.x86_64.rpm eap7-wildfly-openssl-el8-x86_64-debuginfo-2.2.0-2.Final_redhat_00002.1.el8eap.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-4104 https://access.redhat.com/security/cve/CVE-2021-44832 https://access.redhat.com/security/cve/CVE-2021-45046 https://access.redhat.com/security/cve/CVE-2021-45105 https://access.redhat.com/security/cve/CVE-2022-23302 https://access.redhat.com/security/cve/CVE-2022-23305 https://access.redhat.com/security/cve/CVE-2022-23307 https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/ https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYlRUqtzjgjWX9erEAQhXfxAApQ6HkBUo8Tg+GWEosSpAx0AEsVPMojWK HU3uJRF8jp0KXqchc+KVlalBJAWHPBUDr4xBpsISqwr7T/9iYonKlo4ijA/68b2K khbFyt6o6i2dXrYygT5fcMtukSjN2T/hfCc2ZE2yiHTO3Ou4AALyZ2xCyYtfSpuZ rZLVvgCWrnak2msgkoNl0/sZxnjw6b+ZJczKkq3QqPVWOYlV/Qdl5NGy16i0rbEo P1rWXJrOUlEBctJEs756cqeIJesYKHZqqPx/kHaNyzdxDh99hKGZx7oturscAN6e sPfSSdyd5jsOcWD7UlHV9ukoPQxf1ouVBa0qkpL0wCoR3GFF6Pls1bMEFzUoz3/R IwagVxsr38duK3isv34l6IQ+RP0oSWN0rgPUu69tAlEV+YwLgA5JUOpz1i7FTmXt l3i5+wMlo9Xc/Hy+j7unW8Do7s/i0YuFVTuM6H9KEITuFjgFA2tB9CpzoAFzWLk0 U8zCL80Rwy1wiMydSrLjtg3YUPB6ibh2NJ02O7R+bNhJ8bN4yuDuWkDqy4VdPXGp zhed3dZmYAXD9/x+mnfghcbJZwigzGT9Qv78zYafB3f8K7cEVEDJK3aZMOkkh9ca dcaLs5WRv8ZTytFPv+KGKRJ/cc/UHAvh8zumMZdVMp1oty/k/OYWhgaEJMWGQDCe UnHI/WwB37w= =eCh2 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . JIRA issues fixed (https://issues.jboss.org/):
LOG-2089 - resourceVersion is overflowing type Integer causing ES rejection [openshift-logging 5.0]
All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html
- Solution:
For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html
- Bugs fixed (https://bugzilla.redhat.com/):
2035951 - CVE-2021-44832 log4j-core: remote code execution via JDBC Appender
5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202112-2011",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "health sciences data management workbench",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "3.1.0.3"
},
{
"model": "log4j",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.12.4"
},
{
"model": "health sciences data management workbench",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "3.0.0.0"
},
{
"model": "primavera gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "17.12.0"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "14.1.1.0.0"
},
{
"model": "retail xstore point of service",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "20.0.1"
},
{
"model": "primavera gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "20.12.0"
},
{
"model": "log4j",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.13.0"
},
{
"model": "primavera gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "18.8.13"
},
{
"model": "log4j",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.1"
},
{
"model": "log4j",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0"
},
{
"model": "log4j",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.17.1"
},
{
"model": "policy automation",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.24"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "20.12.0.0"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "19.12.0.0"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.4.0"
},
{
"model": "primavera unifier",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "20.12"
},
{
"model": "siebel ui framework",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "21.12"
},
{
"model": "primavera gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "19.12.12"
},
{
"model": "retail assortment planning",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "16.0.3"
},
{
"model": "retail xstore point of service",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "21.0.1"
},
{
"model": "retail xstore point of service",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "19.0.2"
},
{
"model": "primavera gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "20.12.7"
},
{
"model": "log4j",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.2"
},
{
"model": "primavera gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "18.8.0"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "20.12.12.0"
},
{
"model": "primavera gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "21.12.0"
},
{
"model": "cloudcenter",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.10.0.16"
},
{
"model": "primavera unifier",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "19.12"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "health sciences data management workbench",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.5.2.1"
},
{
"model": "log4j",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.4"
},
{
"model": "communications diameter signaling router",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.0.0"
},
{
"model": "policy automation for mobile devices",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.24"
},
{
"model": "retail order broker",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "18.0"
},
{
"model": "primavera gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "19.12.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "communications diameter signaling router",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.5.1.0"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"model": "retail xstore point of service",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "17.0.4"
},
{
"model": "communications offline mediation controller",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "12.0.0.4.4"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "19.12.18.0"
},
{
"model": "communications diameter signaling router",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.3.0.0"
},
{
"model": "primavera unifier",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "21.12"
},
{
"model": "communications interactive session recorder",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "policy automation",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.0"
},
{
"model": "communications interactive session recorder",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6.4"
},
{
"model": "retail fiscal management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "14.2"
},
{
"model": "product lifecycle analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "3.6.1"
},
{
"model": "communications brm - elastic charging engine",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.0.0.5.0"
},
{
"model": "siebel ui framework",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "21.12"
},
{
"model": "primavera unifier",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "18.8"
},
{
"model": "retail xstore point of service",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "18.0.3"
},
{
"model": "primavera gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "17.12.11"
},
{
"model": "flexcube private banking",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.0"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "21.12.0.0"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "19.12.0"
},
{
"model": "policy automation for mobile devices",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.0"
},
{
"model": "retail order broker",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "19.1"
},
{
"model": "communications offline mediation controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.0.0.5.0"
},
{
"model": "communications brm - elastic charging engine",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "12.0.0.4.6"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-44832"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:beta8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:beta7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.17.1",
"versionStartIncluding": "2.13.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.12.4",
"versionStartIncluding": "2.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.3.2",
"versionStartIncluding": "2.0.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "17.12.11",
"versionStartIncluding": "17.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.12.7",
"versionStartIncluding": "20.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_assortment_planning:16.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.12.12.0",
"versionStartIncluding": "20.12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.12.12",
"versionStartIncluding": "19.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.8.13",
"versionStartIncluding": "18.8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_fiscal_management:14.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.12.18.0",
"versionStartIncluding": "19.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:siebel_ui_framework:21.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.5.1.0",
"versionStartIncluding": "8.0.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:cloudcenter:4.10.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "17.12.11",
"versionStartIncluding": "17.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.12.7",
"versionStartIncluding": "20.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "21.12",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.12.12.0",
"versionStartIncluding": "20.12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.12.18.0",
"versionStartIncluding": "19.12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.12.12",
"versionStartIncluding": "19.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.8.13",
"versionStartIncluding": "18.8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.5.1.0",
"versionStartIncluding": "8.3.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.2.24",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.0.0.4.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:21.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.2.24",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.1.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.0.0.4.4",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-44832"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "165632"
},
{
"db": "PACKETSTORM",
"id": "165636"
},
{
"db": "PACKETSTORM",
"id": "165637"
},
{
"db": "PACKETSTORM",
"id": "166676"
},
{
"db": "PACKETSTORM",
"id": "165652"
},
{
"db": "PACKETSTORM",
"id": "165651"
},
{
"db": "PACKETSTORM",
"id": "166022"
},
{
"db": "PACKETSTORM",
"id": "166020"
}
],
"trust": 0.8
},
"cve": "CVE-2021-44832",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "VHN-408213",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "CVE-2021-44832",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-44832",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-408213",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-44832",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-408213"
},
{
"db": "VULMON",
"id": "CVE-2021-44832"
},
{
"db": "NVD",
"id": "CVE-2021-44832"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2. Apache Log4j is a Java-based open source logging tool of the Apache Foundation. Apache Log4j2 2.0-beta7 to 2.17.0 versions have a security vulnerability, which stems from the lack of effective protection and filtering for JDBC Appender and JNDI in the software. The purpose of this\ntext-only errata is to inform you about the security issues fixed in this\nrelease. \n\nInstallation instructions are available from the Fuse product documentation\npages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\n4. \n\nThe References section of this erratum contains a download link for the\nupdate. You must be logged in to download the update. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Low: Red Hat JBoss Enterprise Application Platform 7.4.4 security update\nAdvisory ID: RHSA-2022:1297-01\nProduct: Red Hat JBoss Enterprise Application Platform\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:1297\nIssue date: 2022-04-11\nCVE Names: CVE-2021-4104 CVE-2021-44832 CVE-2021-45046 \n CVE-2021-45105 CVE-2022-23302 CVE-2022-23305 \n CVE-2022-23307 \n=====================================================================\n\n1. Summary:\n\nA security update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.4 for Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Low. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat JBoss EAP 7.4 for RHEL 8 - noarch, x86_64\n\n3. Description:\n\nRed Hat JBoss Enterprise Application Platform 7 is a platform for Java\napplications based on the WildFly application runtime. \n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.4 serves\nas a replacement for Red Hat JBoss Enterprise Application Platform 7.4.3\nand includes bug fixes and enhancements. See the Red Hat JBoss Enterprise\nApplication Platform 7.4.4 Release Notes for information about the most\nsignificant bug fixes and enhancements included in this release. \n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use\nJDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer\n(CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured\nto use JMSAppender (CVE-2021-4104)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and\ncontext lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data\ncontains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured\nto use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nBefore applying this update, back up your existing Red Hat JBoss Enterprise\nApplication Platform installation and deployed applications. \n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2031667 - CVE-2021-4104 log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender\n2032580 - CVE-2021-45046 log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)\n2034067 - CVE-2021-45105 log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern\n2035951 - CVE-2021-44832 log4j-core: remote code execution via JDBC Appender\n2041949 - CVE-2022-23302 log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink\n2041959 - CVE-2022-23305 log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender\n2041967 - CVE-2022-23307 log4j: Unsafe deserialization flaw in Chainsaw log viewer\n\n6. JIRA issues fixed (https://issues.jboss.org/):\n\nJBEAP-22105 - (7.4.z) Upgrade from com.io7m.xom:xom 1.2.10 to xom:xom 1.3.7\nJBEAP-22385 - (7.4.z) Upgrade ASM from 7.1 to 9.1\nJBEAP-22731 - (7.4.z) Upgrade Artemis from 2.16.0.redhat-00032 to 2.16.0.redhat-00034\nJBEAP-22738 - (7.4.z) Upgrade jbossws-cxf from 5.4.2.Final to 5.4.4.Final(Fix UsernameTokenElytronTestCase on SE 17)\nJBEAP-22819 - [GSS] (7.4.z) HAL-1762 - Aliases are removed from the credential store when passwords are updated from the admin console\nJBEAP-22839 - [GSS](7.4.z) Upgrade yasson from 1.0.9.redhat-00001 to 1.0.10.redhat-00001\nJBEAP-22864 - (7.4.z) Upgrade HAL from 3.3.8.Final-redhat-00001 to 3.3.9.Final-redhat-00001\nJBEAP-22900 - Tracker bug for the EAP 7.4.4 release for RHEL-8\nJBEAP-22904 - (7.4.z) Upgrade Hibernate ORM from 5.3.24.Final-redhat-00001 to 5.3.25.Final-redhat-00002\nJBEAP-22911 - (7.4.z) Upgrade OpenSSL from 2.1.3.Final-redhat-00001 to 2.2.0.Final-redhat-00001\nJBEAP-22912 - (7.4.z) Upgrade OpenSSL Natives from 2.1.0.SP01-redhat-00001 to 2.2.0.Final-redhat-00001\nJBEAP-22913 - (7.4.z) Upgrade WildFly Core from 15.0.6.Final-redhat-00003 to 15.0.7.Final-redhat-00001\nJBEAP-22935 - (7.4.z) Upgrade jboss-vfs from 3.2.15.Final-redhat-00001 to 3.2.16.Final-redhat-00001\nJBEAP-22945 - (7.4.z) Upgrade org.apache.logging.log4j from 2.14.0.redhat-00002 to 2.17.1.redhat-00001\nJBEAP-22973 - (7.4.z) Upgrade Elytron from 1.15.9.Final-redhat-00001 to 1.15.11.Final-redhat-00002\nJBEAP-23038 - (7.4.z) Upgrade galleon-plugins from 5.1.4.Final to 5.2.6.Final\nJBEAP-23040 - (7.4.z) Upgrade galleon-plugins in wildfly-core-eap from 5.1.4.Final to 5.2.6.Final\nJBEAP-23045 - (7.4.z) Upgrade Undertow from 2.2.13.SP2-redhat-00001 to 2.2.16.Final-redhat-0001\nJBEAP-23101 - (7.4.z) Upgrade Infinispan from 11.0.12.Final to 11.0.15.Final\nJBEAP-23105 - (7.4.z) Upgrade Narayana from 5.11.3.Final-redhat-00001 to 5.11.4.Final-redhat-00001\nJBEAP-23143 - (7.4.z) Upgrade from org.eclipse.jdt.core.compiler:ecj:4.6.1 to org.eclipse.jdt:ecj:3.26\nJBEAP-23177 - (7.4.z) Upgrade XNIO from 3.8.5.SP1-redhat-00001 to 3.8.6.Final-redhat-00001\nJBEAP-23323 - [GSS](7.4.z) WFLY-16112 - Batch JobOperatorService should look for only active job names to stop during suspend\nJBEAP-23373 - (7.4.z) Upgrade OpenSSL from 2.2.0.Final-redhat-00001 to 2.2.0.Final-redhat-00002\nJBEAP-23374 - (7.4.z) Upgrade WildFly Core from 15.0.7.Final-redhat-00001 to 15.0.8.Final-redhat-00001\nJBEAP-23375 - (7.4.z) Upgrade OpenSSL Natives from 2.2.0.Final-redhat-00001 to 2.2.0.Final-redhat-00002\n\n7. Package List:\n\nRed Hat JBoss EAP 7.4 for RHEL 8:\n\nSource:\neap7-activemq-artemis-2.16.0-7.redhat_00034.1.el8eap.src.rpm\neap7-ecj-3.26.0-1.redhat_00002.1.el8eap.src.rpm\neap7-hal-console-3.3.9-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-hibernate-5.3.25-1.Final_redhat_00002.1.el8eap.src.rpm\neap7-infinispan-11.0.15-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-jboss-server-migration-1.10.0-15.Final_redhat_00014.1.el8eap.src.rpm\neap7-jboss-vfs-3.2.16-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-jboss-xnio-base-3.8.6-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-jbossws-cxf-5.4.4-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-log4j-2.17.1-1.redhat_00001.1.el8eap.src.rpm\neap7-narayana-5.11.4-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-objectweb-asm-9.1.0-1.redhat_00002.1.el8eap.src.rpm\neap7-undertow-2.2.16-1.Final_redhat_00001.1.el8eap.src.rpm\neap7-wildfly-7.4.4-3.GA_redhat_00011.1.el8eap.src.rpm\neap7-wildfly-elytron-1.15.11-1.Final_redhat_00002.1.el8eap.src.rpm\neap7-wildfly-openssl-2.2.0-3.Final_redhat_00002.1.el8eap.src.rpm\neap7-wildfly-openssl-el8-x86_64-2.2.0-2.Final_redhat_00002.1.el8eap.src.rpm\neap7-xom-1.3.7-1.redhat_00001.1.el8eap.src.rpm\neap7-yasson-1.0.10-1.redhat_00001.1.el8eap.src.rpm\n\nnoarch:\neap7-activemq-artemis-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-activemq-artemis-cli-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-activemq-artemis-commons-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-activemq-artemis-core-client-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-activemq-artemis-dto-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-activemq-artemis-hornetq-protocol-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-activemq-artemis-hqclient-protocol-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-activemq-artemis-jdbc-store-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-activemq-artemis-jms-client-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-activemq-artemis-jms-server-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-activemq-artemis-journal-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-activemq-artemis-ra-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-activemq-artemis-selector-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-activemq-artemis-server-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-activemq-artemis-service-extensions-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-activemq-artemis-tools-2.16.0-7.redhat_00034.1.el8eap.noarch.rpm\neap7-ecj-3.26.0-1.redhat_00002.1.el8eap.noarch.rpm\neap7-hal-console-3.3.9-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-hibernate-5.3.25-1.Final_redhat_00002.1.el8eap.noarch.rpm\neap7-hibernate-core-5.3.25-1.Final_redhat_00002.1.el8eap.noarch.rpm\neap7-hibernate-entitymanager-5.3.25-1.Final_redhat_00002.1.el8eap.noarch.rpm\neap7-hibernate-envers-5.3.25-1.Final_redhat_00002.1.el8eap.noarch.rpm\neap7-hibernate-java8-5.3.25-1.Final_redhat_00002.1.el8eap.noarch.rpm\neap7-infinispan-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-cachestore-jdbc-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-cachestore-remote-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-client-hotrod-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-commons-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-component-annotations-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-core-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-hibernate-cache-commons-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-hibernate-cache-spi-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-infinispan-hibernate-cache-v53-11.0.15-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-jboss-server-migration-1.10.0-15.Final_redhat_00014.1.el8eap.noarch.rpm\neap7-jboss-server-migration-cli-1.10.0-15.Final_redhat_00014.1.el8eap.noarch.rpm\neap7-jboss-server-migration-core-1.10.0-15.Final_redhat_00014.1.el8eap.noarch.rpm\neap7-jboss-vfs-3.2.16-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-jboss-xnio-base-3.8.6-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-jbossws-cxf-5.4.4-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-log4j-2.17.1-1.redhat_00001.1.el8eap.noarch.rpm\neap7-narayana-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-narayana-compensations-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-narayana-jbosstxbridge-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-narayana-jbossxts-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-narayana-jts-idlj-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-narayana-jts-integration-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-narayana-restat-api-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-narayana-restat-bridge-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-narayana-restat-integration-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-narayana-restat-util-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-narayana-txframework-5.11.4-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-objectweb-asm-9.1.0-1.redhat_00002.1.el8eap.noarch.rpm\neap7-undertow-2.2.16-1.Final_redhat_00001.1.el8eap.noarch.rpm\neap7-wildfly-7.4.4-3.GA_redhat_00011.1.el8eap.noarch.rpm\neap7-wildfly-elytron-1.15.11-1.Final_redhat_00002.1.el8eap.noarch.rpm\neap7-wildfly-elytron-tool-1.15.11-1.Final_redhat_00002.1.el8eap.noarch.rpm\neap7-wildfly-javadocs-7.4.4-3.GA_redhat_00011.1.el8eap.noarch.rpm\neap7-wildfly-modules-7.4.4-3.GA_redhat_00011.1.el8eap.noarch.rpm\neap7-wildfly-openssl-2.2.0-3.Final_redhat_00002.1.el8eap.noarch.rpm\neap7-wildfly-openssl-java-2.2.0-3.Final_redhat_00002.1.el8eap.noarch.rpm\neap7-xom-1.3.7-1.redhat_00001.1.el8eap.noarch.rpm\neap7-yasson-1.0.10-1.redhat_00001.1.el8eap.noarch.rpm\n\nx86_64:\neap7-wildfly-openssl-el8-x86_64-2.2.0-2.Final_redhat_00002.1.el8eap.x86_64.rpm\neap7-wildfly-openssl-el8-x86_64-debuginfo-2.2.0-2.Final_redhat_00002.1.el8eap.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n8. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-4104\nhttps://access.redhat.com/security/cve/CVE-2021-44832\nhttps://access.redhat.com/security/cve/CVE-2021-45046\nhttps://access.redhat.com/security/cve/CVE-2021-45105\nhttps://access.redhat.com/security/cve/CVE-2022-23302\nhttps://access.redhat.com/security/cve/CVE-2022-23305\nhttps://access.redhat.com/security/cve/CVE-2022-23307\nhttps://access.redhat.com/security/updates/classification/#low\nhttps://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/\nhttps://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/\n\n9. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYlRUqtzjgjWX9erEAQhXfxAApQ6HkBUo8Tg+GWEosSpAx0AEsVPMojWK\nHU3uJRF8jp0KXqchc+KVlalBJAWHPBUDr4xBpsISqwr7T/9iYonKlo4ijA/68b2K\nkhbFyt6o6i2dXrYygT5fcMtukSjN2T/hfCc2ZE2yiHTO3Ou4AALyZ2xCyYtfSpuZ\nrZLVvgCWrnak2msgkoNl0/sZxnjw6b+ZJczKkq3QqPVWOYlV/Qdl5NGy16i0rbEo\nP1rWXJrOUlEBctJEs756cqeIJesYKHZqqPx/kHaNyzdxDh99hKGZx7oturscAN6e\nsPfSSdyd5jsOcWD7UlHV9ukoPQxf1ouVBa0qkpL0wCoR3GFF6Pls1bMEFzUoz3/R\nIwagVxsr38duK3isv34l6IQ+RP0oSWN0rgPUu69tAlEV+YwLgA5JUOpz1i7FTmXt\nl3i5+wMlo9Xc/Hy+j7unW8Do7s/i0YuFVTuM6H9KEITuFjgFA2tB9CpzoAFzWLk0\nU8zCL80Rwy1wiMydSrLjtg3YUPB6ibh2NJ02O7R+bNhJ8bN4yuDuWkDqy4VdPXGp\nzhed3dZmYAXD9/x+mnfghcbJZwigzGT9Qv78zYafB3f8K7cEVEDJK3aZMOkkh9ca\ndcaLs5WRv8ZTytFPv+KGKRJ/cc/UHAvh8zumMZdVMp1oty/k/OYWhgaEJMWGQDCe\nUnHI/WwB37w=\n=eCh2\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. JIRA issues fixed (https://issues.jboss.org/):\n\nLOG-2089 - resourceVersion is overflowing type Integer causing ES rejection [openshift-logging 5.0]\n\n6. \n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html\n\n3. Solution:\n\nFor OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2035951 - CVE-2021-44832 log4j-core: remote code execution via JDBC Appender\n\n5",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-44832"
},
{
"db": "VULHUB",
"id": "VHN-408213"
},
{
"db": "VULMON",
"id": "CVE-2021-44832"
},
{
"db": "PACKETSTORM",
"id": "165632"
},
{
"db": "PACKETSTORM",
"id": "165636"
},
{
"db": "PACKETSTORM",
"id": "165637"
},
{
"db": "PACKETSTORM",
"id": "166676"
},
{
"db": "PACKETSTORM",
"id": "165652"
},
{
"db": "PACKETSTORM",
"id": "165651"
},
{
"db": "PACKETSTORM",
"id": "166022"
},
{
"db": "PACKETSTORM",
"id": "166020"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-44832",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-784507",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/12/28/1",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "166020",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165637",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165652",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165651",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "166022",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165636",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165632",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165516",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165653",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165750",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165927",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165649",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165659",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165564",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165650",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165645",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165711",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2743",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-408213",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-44832",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166676",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-408213"
},
{
"db": "VULMON",
"id": "CVE-2021-44832"
},
{
"db": "PACKETSTORM",
"id": "165632"
},
{
"db": "PACKETSTORM",
"id": "165636"
},
{
"db": "PACKETSTORM",
"id": "165637"
},
{
"db": "PACKETSTORM",
"id": "166676"
},
{
"db": "PACKETSTORM",
"id": "165652"
},
{
"db": "PACKETSTORM",
"id": "165651"
},
{
"db": "PACKETSTORM",
"id": "166022"
},
{
"db": "PACKETSTORM",
"id": "166020"
},
{
"db": "NVD",
"id": "CVE-2021-44832"
}
]
},
"id": "VAR-202112-2011",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-408213"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:55:35.394000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Debian CVElist Bug Report Logs: apache-log4j2: CVE-2021-44832: remote code execution via JDBC Appender",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=5e48a524651ae46e6ca9ac28bf933dcd"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.6.54 extras and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20220181 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat AMQ Streams 1.6.7 release and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20220467 - security advisory"
},
{
"title": "Red Hat: Low: Red Hat JBoss Enterprise Application Platform 7.4.4 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20221297 - security advisory"
},
{
"title": "Amazon Linux 2: ALAS2-2022-1734",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2022-1734"
},
{
"title": "Red Hat: Low: Red Hat JBoss Enterprise Application Platform 7.4.4 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20221296 - security advisory"
},
{
"title": "Red Hat: CVE-2021-44832",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2021-44832"
},
{
"title": "IBM: Security Bulletin: IBM Operations Analytics Predictive Insights impacted by Apache Log4j vulnerabilities (CVE-2021-44832)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=fcd7c03d55043b4b7009ca8b920eb0ba"
},
{
"title": "Red Hat: Low: Red Hat JBoss Enterprise Application Platform 7.4.4 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20221299 - security advisory"
},
{
"title": "IBM: Security Bulletin: Vulnerabilities from log4j-core-2.16.0.jar affect IBM Operations Analytics \u00e2\u20ac\u201c Log Analysis (CVE-2021-44832, CVE-2021-45105)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=56eb883672063a8cb42fae9e94dc10a9"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.7.43 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20220493 - security advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.8.31 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20220485 - security advisory"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-011",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas2022-2022-011"
},
{
"title": "IBM: Security Bulletin: A vulnerability in Apache Log4j affects some features of IBM\u00c2\u00ae Db2\u00c2\u00ae (CVE-2021-44832)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=e5bceef16eb57f063a2b356f344b5f60"
},
{
"title": "IBM: Security Bulletin: Due to use of Apache Log4j, IBM QRadar SIEM is vulnerable to arbitrary code execution (CVE-2019-17571, CVE-2021-44832, CVE-2021-4104)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=a0cbd5f5df3a9f322684d99eeb2b9429"
},
{
"title": "IBM: Security Bulletin: Multiple vulnerabilities in Apache Log4j affects some features of IBM\u00c2\u00ae Db2\u00c2\u00ae (CVE-2021-45046, CVE-2021-45105)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=073d7506d5d6ad6fb03dbf8d511bb92e"
},
{
"title": "IBM: Security Bulletin: Vulnerability in Apache Log4j affects some features of IBM\u00c2\u00ae Db2\u00c2\u00ae (CVE-2021-44228)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=7be059b2ea8ddccc8012a9cd63f3f993"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=aff264acb8f6c42a7eec74ebc9aac61e"
},
{
"title": "Cisco: Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-apache-log4j-qruknebd"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44832.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=f1a2b6f4f4568786daf1fc5e893e9283"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=42e3d15623cd7650d7ccb17534ee39a8"
},
{
"title": "Amazon Linux 2022: ALAS-2022-225",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas-2022-225"
},
{
"title": "aws-msk-iam-auth",
"trust": 0.1,
"url": "https://github.com/aws/aws-msk-iam-auth "
},
{
"title": "FuelSDK-Java",
"trust": 0.1,
"url": "https://github.com/salesforce-marketingcloud/fuelsdk-java "
},
{
"title": "mule-3.x-log4j-update-script",
"trust": 0.1,
"url": "https://github.com/yhorndt/mule-3.x-log4j-update-script "
},
{
"title": "fix_log4j2",
"trust": 0.1,
"url": "https://github.com/yundinglab/fix_log4j2 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-44832"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-408213"
},
{
"db": "NVD",
"id": "CVE-2021-44832"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-apache-log4j-qruknebd"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20220104-0001/"
},
{
"trust": 1.1,
"url": "https://issues.apache.org/jira/browse/log4j2-3293"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/12/28/1"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/evv25fxl4fu5x6x5bsl7rlq7t6f65mra/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/t57mpjuw3ma6qgwzrtmchhmmpqnvkgfc/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-44832"
},
{
"trust": 0.8,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2021-44832"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45046"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45105"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-45105"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-45046"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-009"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"trust": 0.2,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.2,
"url": "https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html"
},
{
"trust": 0.2,
"url": "https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21248"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3521"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21296"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21299"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21283"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21341"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21360"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21299"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21282"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21294"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21360"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21305"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21293"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21341"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21293"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21282"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21248"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21294"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21283"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21296"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21365"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21305"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-21340"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21340"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21365"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3521"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/t57mpjuw3ma6qgwzrtmchhmmpqnvkgfc/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/evv25fxl4fu5x6x5bsl7rlq7t6f65mra/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=jboss.fuse\u0026version=7.09.0"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=jboss.fuse\u0026version=7.10.0"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-44228"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-44228"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0203"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=jboss.fuse\u0026version=7.08.0"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=appplatform\u0026version=7.4"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0216"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/solutions/6577421"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0083"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product\\xcatrhoar.eclipse.vertx\u0026version=4.1.8"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.1/html/release_notes_for_eclipse_vert.x_4.1/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23307"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23302"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:1297"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23305"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-4104"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-23302"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-23305"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-23307"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4104"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0225"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27292"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0226"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-27292"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhba-2022:0484"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0485"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0493"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0492"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-408213"
},
{
"db": "PACKETSTORM",
"id": "165632"
},
{
"db": "PACKETSTORM",
"id": "165636"
},
{
"db": "PACKETSTORM",
"id": "165637"
},
{
"db": "PACKETSTORM",
"id": "166676"
},
{
"db": "PACKETSTORM",
"id": "165652"
},
{
"db": "PACKETSTORM",
"id": "165651"
},
{
"db": "PACKETSTORM",
"id": "166022"
},
{
"db": "PACKETSTORM",
"id": "166020"
},
{
"db": "NVD",
"id": "CVE-2021-44832"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-408213"
},
{
"db": "VULMON",
"id": "CVE-2021-44832"
},
{
"db": "PACKETSTORM",
"id": "165632"
},
{
"db": "PACKETSTORM",
"id": "165636"
},
{
"db": "PACKETSTORM",
"id": "165637"
},
{
"db": "PACKETSTORM",
"id": "166676"
},
{
"db": "PACKETSTORM",
"id": "165652"
},
{
"db": "PACKETSTORM",
"id": "165651"
},
{
"db": "PACKETSTORM",
"id": "166022"
},
{
"db": "PACKETSTORM",
"id": "166020"
},
{
"db": "NVD",
"id": "CVE-2021-44832"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-28T00:00:00",
"db": "VULHUB",
"id": "VHN-408213"
},
{
"date": "2021-12-28T00:00:00",
"db": "VULMON",
"id": "CVE-2021-44832"
},
{
"date": "2022-01-20T17:49:05",
"db": "PACKETSTORM",
"id": "165632"
},
{
"date": "2022-01-20T17:49:52",
"db": "PACKETSTORM",
"id": "165636"
},
{
"date": "2022-01-20T17:50:03",
"db": "PACKETSTORM",
"id": "165637"
},
{
"date": "2022-04-11T17:14:49",
"db": "PACKETSTORM",
"id": "166676"
},
{
"date": "2022-01-21T15:31:01",
"db": "PACKETSTORM",
"id": "165652"
},
{
"date": "2022-01-21T15:30:48",
"db": "PACKETSTORM",
"id": "165651"
},
{
"date": "2022-02-17T16:56:10",
"db": "PACKETSTORM",
"id": "166022"
},
{
"date": "2022-02-17T16:54:19",
"db": "PACKETSTORM",
"id": "166020"
},
{
"date": "2021-12-28T20:15:08.400000",
"db": "NVD",
"id": "CVE-2021-44832"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-08-09T00:00:00",
"db": "VULHUB",
"id": "VHN-408213"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2021-44832"
},
{
"date": "2023-11-07T03:39:43.957000",
"db": "NVD",
"id": "CVE-2021-44832"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "166676"
}
],
"trust": 0.1
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat Security Advisory 2022-0203-03",
"sources": [
{
"db": "PACKETSTORM",
"id": "165632"
}
],
"trust": 0.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code execution",
"sources": [
{
"db": "PACKETSTORM",
"id": "165632"
},
{
"db": "PACKETSTORM",
"id": "165636"
},
{
"db": "PACKETSTORM",
"id": "165637"
},
{
"db": "PACKETSTORM",
"id": "165652"
},
{
"db": "PACKETSTORM",
"id": "165651"
},
{
"db": "PACKETSTORM",
"id": "166022"
},
{
"db": "PACKETSTORM",
"id": "166020"
}
],
"trust": 0.7
}
}
FKIE_CVE-2021-44832
Vulnerability from fkie_nvd - Published: 2021-12-28 20:15 - Updated: 2024-11-21 06:31
Severity ?
Summary
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
References
| URL | Tags | ||
|---|---|---|---|
| security@apache.org | http://www.openwall.com/lists/oss-security/2021/12/28/1 | Mailing List, Third Party Advisory | |
| security@apache.org | https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf | Third Party Advisory | |
| security@apache.org | https://issues.apache.org/jira/browse/LOG4J2-3293 | Issue Tracking, Patch, Vendor Advisory | |
| security@apache.org | https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143 | Mailing List, Vendor Advisory | |
| security@apache.org | https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html | Mailing List, Third Party Advisory | |
| security@apache.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/ | ||
| security@apache.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/ | ||
| security@apache.org | https://security.netapp.com/advisory/ntap-20220104-0001/ | Third Party Advisory | |
| security@apache.org | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd | Third Party Advisory | |
| security@apache.org | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| security@apache.org | https://www.oracle.com/security-alerts/cpujan2022.html | Patch, Third Party Advisory | |
| security@apache.org | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2021/12/28/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.apache.org/jira/browse/LOG4J2-3293 | Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143 | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20220104-0001/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujan2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | log4j | * | |
| apache | log4j | * | |
| apache | log4j | * | |
| apache | log4j | 2.0 | |
| apache | log4j | 2.0 | |
| apache | log4j | 2.0 | |
| apache | log4j | 2.0 | |
| apache | log4j | 2.0 | |
| apache | log4j | 2.0 | |
| oracle | communications_diameter_signaling_router | * | |
| oracle | communications_interactive_session_recorder | 6.3 | |
| oracle | communications_interactive_session_recorder | 6.4 | |
| oracle | primavera_gateway | * | |
| oracle | primavera_gateway | * | |
| oracle | primavera_gateway | * | |
| oracle | primavera_gateway | * | |
| oracle | primavera_gateway | 21.12.0 | |
| oracle | primavera_p6_enterprise_project_portfolio_management | * | |
| oracle | primavera_p6_enterprise_project_portfolio_management | * | |
| oracle | primavera_p6_enterprise_project_portfolio_management | 21.12.0.0 | |
| oracle | primavera_unifier | 18.8 | |
| oracle | primavera_unifier | 19.12 | |
| oracle | primavera_unifier | 20.12 | |
| oracle | primavera_unifier | 21.12 | |
| oracle | retail_assortment_planning | 16.0.3 | |
| oracle | retail_fiscal_management | 14.2 | |
| oracle | siebel_ui_framework | 21.12 | |
| oracle | weblogic_server | 12.2.1.3.0 | |
| oracle | weblogic_server | 12.2.1.4.0 | |
| oracle | weblogic_server | 14.1.1.0.0 | |
| cisco | cloudcenter | 4.10.0.16 | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| debian | debian_linux | 9.0 | |
| oracle | communications_brm_-_elastic_charging_engine | * | |
| oracle | communications_brm_-_elastic_charging_engine | 12.0.0.5.0 | |
| oracle | communications_diameter_signaling_router | * | |
| oracle | communications_interactive_session_recorder | 6.3 | |
| oracle | communications_interactive_session_recorder | 6.4 | |
| oracle | communications_offline_mediation_controller | * | |
| oracle | communications_offline_mediation_controller | 12.0.0.5.0 | |
| oracle | flexcube_private_banking | 12.1.0 | |
| oracle | health_sciences_data_management_workbench | 2.5.2.1 | |
| oracle | health_sciences_data_management_workbench | 3.0.0.0 | |
| oracle | health_sciences_data_management_workbench | 3.1.0.3 | |
| oracle | policy_automation | * | |
| oracle | policy_automation_for_mobile_devices | * | |
| oracle | primavera_gateway | * | |
| oracle | primavera_gateway | * | |
| oracle | primavera_gateway | * | |
| oracle | primavera_gateway | * | |
| oracle | primavera_gateway | 21.12.0 | |
| oracle | primavera_p6_enterprise_project_portfolio_management | * | |
| oracle | primavera_p6_enterprise_project_portfolio_management | * | |
| oracle | primavera_p6_enterprise_project_portfolio_management | 21.12.0.0 | |
| oracle | primavera_unifier | 18.8 | |
| oracle | primavera_unifier | 19.12 | |
| oracle | primavera_unifier | 20.12 | |
| oracle | primavera_unifier | 21.12 | |
| oracle | product_lifecycle_analytics | 3.6.1 | |
| oracle | retail_order_broker | 18.0 | |
| oracle | retail_order_broker | 19.1 | |
| oracle | retail_xstore_point_of_service | 17.0.4 | |
| oracle | retail_xstore_point_of_service | 18.0.3 | |
| oracle | retail_xstore_point_of_service | 19.0.2 | |
| oracle | retail_xstore_point_of_service | 20.0.1 | |
| oracle | retail_xstore_point_of_service | 21.0.1 | |
| oracle | siebel_ui_framework | * | |
| oracle | weblogic_server | 12.2.1.3.0 | |
| oracle | weblogic_server | 12.2.1.4.0 | |
| oracle | weblogic_server | 14.1.1.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5737813-009A-4FDD-AC84-42E871EA1676",
"versionEndExcluding": "2.3.2",
"versionStartIncluding": "2.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D1858C4-53AC-4528-B86F-0AB83777B4F4",
"versionEndExcluding": "2.12.4",
"versionStartIncluding": "2.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D127EBB0-E86F-4349-96E5-19BD198E0CCA",
"versionEndExcluding": "2.17.1",
"versionStartIncluding": "2.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "17854E42-7063-4A55-BF2A-4C7074CC2D60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:log4j:2.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "F9D58C21-34AE-4782-8580-816B2F6A8F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:log4j:2.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "DCFCBA59-E0DF-46FD-8431-C1043E7AB4EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*",
"matchCriteriaId": "53F32FB2-6970-4975-8BD0-EAE12E9AD03A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B773ED91-1D39-42E6-9C52-D02210DE1A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "EF24312D-1A62-482E-8078-7EC24758B710",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83F42D52-1E43-44E0-8B53-A2A918BDDEC3",
"versionEndIncluding": "8.5.1.0",
"versionStartIncluding": "8.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "46E23F2E-6733-45AF-9BD9-1A600BD278C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E812639B-EE28-4C68-9F6F-70C8BF981C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48",
"versionEndIncluding": "17.12.11",
"versionStartIncluding": "17.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A621A5AE-6974-4BA5-B1AC-7130A46F68F5",
"versionEndIncluding": "18.8.13",
"versionStartIncluding": "18.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4096281D-2EBA-490D-8180-3C9D05EB890A",
"versionEndIncluding": "19.12.12",
"versionStartIncluding": "19.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B70E72-B9FC-4E49-8EDD-29C7E14F5792",
"versionEndIncluding": "20.12.7",
"versionStartIncluding": "20.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "15F45363-236B-4040-8AE4-C6C0E204EDBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A66F0C7C-4310-489F-8E91-4171D17DB32F",
"versionEndIncluding": "19.12.18.0",
"versionStartIncluding": "19.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "651104CE-0569-4E6D-ACAB-AD2AC85084DD",
"versionEndIncluding": "20.12.12.0",
"versionStartIncluding": "20.12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "45D89239-9142-46BD-846D-76A5A74A67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
"matchCriteriaId": "202AD518-2E9B-4062-B063-9858AE1F9CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
"matchCriteriaId": "10864586-270E-4ACF-BDCC-ECFCD299305F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
"matchCriteriaId": "38340E3C-C452-4370-86D4-355B6B4E0A06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E9C55C69-E22E-4B80-9371-5CD821D79FE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_assortment_planning:16.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "48C9BD8E-7214-4B44-B549-6F11B3EA8A04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_fiscal_management:14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5F6FD19-A314-4A1F-96CB-6DB1CED79430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:21.12:*:*:*:*:*:*:*",
"matchCriteriaId": "8D62731F-3290-4383-A4F6-5274B4D63B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F14A818F-AA16-4438-A3E4-E64C9287AC66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04BCDC24-4A21-473C-8733-0D9CFB38A752",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:cloudcenter:4.10.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "66AB39B2-0CE1-4C7E-9E7B-B288A080D584",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6894D860-000E-439D-8AB7-07E9B2ACC31B",
"versionEndExcluding": "12.0.0.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FD66C717-85E0-40E7-A51F-549C8196D557",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9550113-7423-48D8-A1C7-95D6AEE9B33C",
"versionEndIncluding": "8.5.1.0",
"versionStartIncluding": "8.3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "46E23F2E-6733-45AF-9BD9-1A600BD278C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E812639B-EE28-4C68-9F6F-70C8BF981C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A2E42A-4EF2-437D-A0EC-4A6A4F1EBD11",
"versionEndExcluding": "12.0.0.4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5933FEA2-B79E-4EE7-B821-54D676B45734",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B74B912-152D-4F38-9FC1-741D6D0B27FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9A32B-B776-4704-818D-977B4B20D677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6989178B-A3D5-4441-A56C-6C639D4759DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5049591-AA1B-4D64-A925-40D0724074D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F47057A9-2DDE-4178-B140-F7D70EAED8F6",
"versionEndIncluding": "12.2.24",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9132D7F2-43B3-4595-B8BF-C9DE897087F6",
"versionEndIncluding": "12.2.24",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48",
"versionEndIncluding": "17.12.11",
"versionStartIncluding": "17.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A621A5AE-6974-4BA5-B1AC-7130A46F68F5",
"versionEndIncluding": "18.8.13",
"versionStartIncluding": "18.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4096281D-2EBA-490D-8180-3C9D05EB890A",
"versionEndIncluding": "19.12.12",
"versionStartIncluding": "19.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B70E72-B9FC-4E49-8EDD-29C7E14F5792",
"versionEndIncluding": "20.12.7",
"versionStartIncluding": "20.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "15F45363-236B-4040-8AE4-C6C0E204EDBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0DEC50-F4CD-4ACA-A118-D4F0D4F4C981",
"versionEndIncluding": "19.12.18.0",
"versionStartIncluding": "19.12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "651104CE-0569-4E6D-ACAB-AD2AC85084DD",
"versionEndIncluding": "20.12.12.0",
"versionStartIncluding": "20.12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "45D89239-9142-46BD-846D-76A5A74A67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
"matchCriteriaId": "202AD518-2E9B-4062-B063-9858AE1F9CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
"matchCriteriaId": "10864586-270E-4ACF-BDCC-ECFCD299305F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
"matchCriteriaId": "38340E3C-C452-4370-86D4-355B6B4E0A06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E9C55C69-E22E-4B80-9371-5CD821D79FE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F978162-CB2C-4166-947A-9048C6E878BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0783F0D1-8FAC-4BCA-A6F5-C5C60E86D56D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7BD0D41-1BED-4C4F-95C8-8987C98908DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC41EB8-73B4-4BDF-9321-F34EC0BAF9E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "48EFC111-B01B-4C34-87E4-D6B2C40C0122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "073FEA23-E46A-4C73-9D29-95CFF4F5A59D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A69FB468-EAF3-4E67-95E7-DF92C281C1F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:21.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0ABA57AC-4BBF-4E4F-9F7E-D42472C36EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*",
"matchCriteriaId": "889916ED-5EB2-49D6-8400-E6DBBD6C287F",
"versionEndIncluding": "21.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F14A818F-AA16-4438-A3E4-E64C9287AC66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04BCDC24-4A21-473C-8733-0D9CFB38A752",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2."
},
{
"lang": "es",
"value": "Las versiones de Apache Log4j2 de la 2.0-beta7 a la 2.17.0 (excluyendo las versiones de correcci\u00f3n de seguridad 2.3.2 y 2.12.4) son vulnerables a un ataque de ejecuci\u00f3n remota de c\u00f3digo (RCE) cuando una configuraci\u00f3n utiliza un JDBC Appender con un URI de origen de datos JNDI LDAP cuando un atacante tiene el control del servidor LDAP de destino. Este problema se soluciona limitando los nombres de fuentes de datos JNDI al protocolo java en las versiones 2.17.1, 2.12.4 y 2.3.2 de Log4j2"
}
],
"id": "CVE-2021-44832",
"lastModified": "2024-11-21T06:31:34.783",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-28T20:15:08.400",
"references": [
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/28/1"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"
},
{
"source": "security@apache.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"
},
{
"source": "security@apache.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/"
},
{
"source": "security@apache.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220104-0001/"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/28/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220104-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "security@apache.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
SSA-784507
Vulnerability from csaf_siemens - Published: 2021-12-28 00:00 - Updated: 2021-12-28 00:00Summary
SSA-784507: Apache Log4j Vulnerability (CVE-2021-44832) via JDBC Appender - Impact to Siemens Products
Notes
Summary
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) contain a vulnerability (CVE-2021-44832) that could allow an attacker with permission to modify the logging configuration file to execute arbitrary code, when the JDBC Appender is used [1].
This advisory informs about the impact of CVE-2021-44832 to Siemens products and the corresponding remediation and mitigation measures. The vulnerability is different from other JNDI lookup vulnerabilities, the impact of which is documented in SSA-661247 [2].
Currently, no products vulnerable to CVE-2021-44832 have been identified.
Siemens is investigating to determine which products are affected and is continuously updating this advisory as more information becomes available. See section Additional Information for more details regarding the investigation status.
[1] https://logging.apache.org/log4j/2.x/security.html
[2] https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{
"document": {
"category": "Siemens Security Advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited.",
"tlp": {
"label": "WHITE"
}
},
"notes": [
{
"category": "summary",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) contain a vulnerability (CVE-2021-44832) that could allow an attacker with permission to modify the logging configuration file to execute arbitrary code, when the JDBC Appender is used [1].\n\nThis advisory informs about the impact of CVE-2021-44832 to Siemens products and the corresponding remediation and mitigation measures. The vulnerability is different from other JNDI lookup vulnerabilities, the impact of which is documented in SSA-661247 [2].\n\nCurrently, no products vulnerable to CVE-2021-44832 have been identified.\n\nSiemens is investigating to determine which products are affected and is continuously updating this advisory as more information becomes available. See section Additional Information for more details regarding the investigation status.\n\n[1] https://logging.apache.org/log4j/2.x/security.html\n\n[2] https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-784507: Apache Log4j Vulnerability (CVE-2021-44832) via JDBC Appender - Impact to Siemens Products - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"
},
{
"category": "self",
"summary": "SSA-784507: Apache Log4j Vulnerability (CVE-2021-44832) via JDBC Appender - Impact to Siemens Products - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-784507.txt"
},
{
"category": "self",
"summary": "SSA-784507: Apache Log4j Vulnerability (CVE-2021-44832) via JDBC Appender - Impact to Siemens Products - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-784507.json"
}
],
"title": "SSA-784507: Apache Log4j Vulnerability (CVE-2021-44832) via JDBC Appender - Impact to Siemens Products",
"tracking": {
"current_release_date": "2021-12-28T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-784507",
"initial_release_date": "2021-12-28T00:00:00Z",
"revision_history": [
{
"date": "2021-12-28T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "interim",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "No versions",
"product": {
"name": "No product currently identified as affected",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "No product currently identified as affected"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to code execution attacks if the JDBC Appender is being used and configured to allow the use of protocols other than Java.\n\nThis could allow attackers with permission to modify the logging configuration file to execute code via a data source referencing a JNDI URI. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-44832 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-44832.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "The table will be updated in case vulnerable products become known.",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-44832"
}
]
}
GSD-2021-44832
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-44832",
"description": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"id": "GSD-2021-44832",
"references": [
"https://www.suse.com/security/cve/CVE-2021-44832.html",
"https://access.redhat.com/errata/RHSA-2022:0493",
"https://access.redhat.com/errata/RHSA-2022:0485",
"https://access.redhat.com/errata/RHSA-2022:0467",
"https://access.redhat.com/errata/RHSA-2022:0236",
"https://access.redhat.com/errata/RHSA-2022:0230",
"https://access.redhat.com/errata/RHSA-2022:0227",
"https://access.redhat.com/errata/RHSA-2022:0226",
"https://access.redhat.com/errata/RHSA-2022:0225",
"https://access.redhat.com/errata/RHSA-2022:0223",
"https://access.redhat.com/errata/RHSA-2022:0222",
"https://access.redhat.com/errata/RHSA-2022:0216",
"https://access.redhat.com/errata/RHSA-2022:0205",
"https://access.redhat.com/errata/RHSA-2022:0203",
"https://access.redhat.com/errata/RHSA-2022:0181",
"https://access.redhat.com/errata/RHSA-2022:0138",
"https://access.redhat.com/errata/RHSA-2022:0083",
"https://ubuntu.com/security/CVE-2021-44832",
"https://advisories.mageia.org/CVE-2021-44832.html",
"https://access.redhat.com/errata/RHSA-2022:1296",
"https://access.redhat.com/errata/RHSA-2022:1297",
"https://access.redhat.com/errata/RHSA-2022:1299"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-44832"
],
"details": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"id": "GSD-2021-44832",
"modified": "2023-12-13T01:23:20.780934Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-44832",
"STATE": "PUBLIC",
"TITLE": "Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Log4j2",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "log4j-core",
"version_value": "2.17.1"
},
{
"version_affected": "\u003e=",
"version_name": "log4j-core",
"version_value": "2.13.0"
},
{
"version_affected": "\u003c",
"version_name": "log4j-core",
"version_value": "2.12.4"
},
{
"version_affected": "\u003e=",
"version_name": "log4j-core",
"version_value": "2.4"
},
{
"version_affected": "\u003c",
"version_name": "log4j-core",
"version_value": "2.3.2"
},
{
"version_affected": "\u003e=",
"version_name": "log4j-core",
"version_value": "2.0-beta7"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "moderate"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143"
},
{
"name": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"refsource": "MISC",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
},
{
"name": "[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/12/28/1"
},
{
"name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"
},
{
"name": "FEDORA-2021-c6f471ce0f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/"
},
{
"name": "FEDORA-2021-1bd9151bab",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220104-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220104-0001/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
},
"source": {
"defect": [
"LOG4J2-3293",
""
],
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "eng",
"time": "2021-12-27",
"value": "reported"
},
{
"lang": "eng",
"time": "2021-12-27",
"value": "patch proposed, 2.17.1-rc1"
},
{
"lang": "eng",
"time": "2021-12-28",
"value": "fixed"
},
{
"lang": "eng",
"time": "2021-12-28",
"value": "public"
}
]
},
"gitlab.com": {
"advisories": [
{
"affected_range": "(,0)",
"affected_versions": "All versions starting from 2.0 before before 2.17.1",
"cvss_v2": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-20",
"CWE-74",
"CWE-78",
"CWE-937"
],
"date": "2022-02-08",
"description": "This advisory has been marked as a false positive.",
"fixed_versions": [],
"identifier": "CVE-2021-44832",
"identifiers": [
"GHSA-8489-44mv-ggj8",
"CVE-2021-44832"
],
"not_impacted": "All versions before 2.0, all versions starting from 2.17.1",
"package_slug": "maven/org.apache.logging.log4j/log4j-api",
"pubdate": "2022-01-04",
"solution": "Upgrade to versions 2.3.2, 2.12.4, 2.17.1 or above.",
"title": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"https://issues.apache.org/jira/browse/LOG4J2-3293",
"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143",
"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf",
"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html",
"http://www.openwall.com/lists/oss-security/2021/12/28/1",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://github.com/advisories/GHSA-8489-44mv-ggj8"
],
"uuid": "aac29170-dbdc-489f-925a-5bfc54bb0191"
},
{
"affected_range": "[2.0,2.3.2],[2.4,2.12.4),[2.13.0,2.17.1)",
"affected_versions": "All versions starting from 2.0 up to 2.3.2, all versions starting from 2.4 before 2.12.4, all versions starting from 2.13.0 before 2.17.1",
"cvss_v2": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-20",
"CWE-937"
],
"date": "2022-08-09",
"description": "Apache Log4j2 ",
"fixed_versions": [
"2.12.4",
"2.17.1"
],
"identifier": "CVE-2021-44832",
"identifiers": [
"CVE-2021-44832"
],
"not_impacted": "All versions before 2.0, all versions after 2.3.2 before 2.4, all versions starting from 2.12.4 before 2.13.0, all versions starting from 2.17.1",
"package_slug": "maven/org.apache.logging.log4j/log4j-core",
"pubdate": "2021-12-28",
"solution": "Upgrade to versions 2.12.4, 2.17.1 or above.",
"title": "Improper Input Validation",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143",
"https://issues.apache.org/jira/browse/LOG4J2-3293",
"http://www.openwall.com/lists/oss-security/2021/12/28/1",
"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf",
"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"
],
"uuid": "be579f59-acaa-442b-ad7b-cf1ddea99b15"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:beta8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:beta7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.17.1",
"versionStartIncluding": "2.13.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.12.4",
"versionStartIncluding": "2.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.3.2",
"versionStartIncluding": "2.0.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "17.12.11",
"versionStartIncluding": "17.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.12.7",
"versionStartIncluding": "20.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_assortment_planning:16.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.12.12.0",
"versionStartIncluding": "20.12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.12.12",
"versionStartIncluding": "19.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.8.13",
"versionStartIncluding": "18.8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_fiscal_management:14.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.12.18.0",
"versionStartIncluding": "19.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:siebel_ui_framework:21.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.5.1.0",
"versionStartIncluding": "8.0.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:cloudcenter:4.10.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "17.12.11",
"versionStartIncluding": "17.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.12.7",
"versionStartIncluding": "20.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "21.12",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.12.12.0",
"versionStartIncluding": "20.12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.12.18.0",
"versionStartIncluding": "19.12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.12.12",
"versionStartIncluding": "19.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.8.13",
"versionStartIncluding": "18.8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.5.1.0",
"versionStartIncluding": "8.3.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.2.24",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:21.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.2.24",
"versionStartIncluding": "12.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.1.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.0.0.4.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.0.0.4.6",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-44832"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143",
"refsource": "MISC",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143"
},
{
"name": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
},
{
"name": "[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/28/1"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"
},
{
"name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220104-0001/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220104-0001/"
},
{
"name": "FEDORA-2021-1bd9151bab",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/"
},
{
"name": "FEDORA-2021-c6f471ce0f",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/"
},
{
"name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"refsource": "CISCO",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "N/A",
"refsource": "N/A",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-08-09T01:24Z",
"publishedDate": "2021-12-28T20:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…