Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2022-23539
Vulnerability from cvelistv5
Vendor | Product | Version | |
---|---|---|---|
▼ | auth0 | node-jsonwebtoken |
Version: <= 8.5.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:43:46.551Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33" }, { "name": "https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0007/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "node-jsonwebtoken", "vendor": "auth0", "versions": [ { "status": "affected", "version": "\u003c= 8.5.1" } ] } ], "descriptions": [ { "lang": "en", "value": "Versions `\u003c=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a combination listed in the GitHub Security Advisory as unaffected. This issue has been fixed, please update to version 9.0.0. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, if you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you\u2019ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-327", "description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T23:20:47.855Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33" }, { "name": "https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0007/" } ], "source": { "advisory": "GHSA-8cf7-32gw-wr33", "discovery": "UNKNOWN" }, "title": "jsonwebtoken unrestricted key type could lead to legacy keys usage " } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-23539", "datePublished": "2022-12-22T23:20:47.855Z", "dateReserved": "2022-01-19T21:23:53.795Z", "dateUpdated": "2024-08-03T03:43:46.551Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2022-23539\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2022-12-23T00:15:12.347\",\"lastModified\":\"2024-11-21T06:48:46.303\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Versions `\u003c=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a combination listed in the GitHub Security Advisory as unaffected. This issue has been fixed, please update to version 9.0.0. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, if you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you\u2019ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions.\"},{\"lang\":\"es\",\"value\":\"Las versiones `\u0026lt;=8.5.1` de la librer\u00eda `jsonwebtoken` podr\u00edan estar mal configuradas para que se utilicen tipos de claves heredadas e inseguras para la verificaci\u00f3n de firmas. Por ejemplo, las claves DSA podr\u00edan usarse con el algoritmo RS256. Usted se ver\u00e1 afectado si utiliza un algoritmo y un tipo de clave que no sea una combinaci\u00f3n que figura en GitHub Security Advisory como no afectada. Este problema se ha solucionado; actualice a la versi\u00f3n 9.0.0. Esta versi\u00f3n valida para combinaciones de algoritmos y tipos de claves asim\u00e9tricas. Consulte las combinaciones de algorithm / key type mencionadas anteriormente para conocer la configuraci\u00f3n segura v\u00e1lida. Despu\u00e9s de actualizar a la versi\u00f3n 9.0.0, si a\u00fan tiene la intenci\u00f3n de continuar firmando o verificando tokens utilizando combinaciones de key type/algorithm no v\u00e1lidas, deber\u00e1 configurar la opci\u00f3n `allowInvalidAmetricKeyTypes` en `true` en `sign()`. y/o funciones `verify()`.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":4.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-327\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:auth0:jsonwebtoken:*:*:*:*:*:node.js:*:*\",\"versionEndIncluding\":\"8.5.1\",\"matchCriteriaId\":\"7E5DD3C1-F5DD-4BFD-BCA3-561BC167CB35\"}]}]}],\"references\":[{\"url\":\"https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0007/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
WID-SEC-W-2023-0218
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "IBM Integration Bus ist ein \"lightweight\" ESB, welche die Integration von SOAP oder non-SOAP Datenquellen von verschiedenen Plattformen erm\u00f6glicht.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in IBM Integration Bus ausnutzen, um beliebigen Programmcode auszuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0218 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0218.json" }, { "category": "self", "summary": "WID-SEC-2023-0218 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0218" }, { "category": "external", "summary": "IBM Security Bulletin vom 2023-01-29", "url": "https://www.ibm.com/support/pages/node/6890605" } ], "source_lang": "en-US", "title": "IBM Integration Bus: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-01-29T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:12:06.600+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0218", "initial_release_date": "2023-01-29T23:00:00.000+00:00", "revision_history": [ { "date": "2023-01-29T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM Integration Bus \t10.0.0.0 - 10.0.0.26", "product": { "name": "IBM Integration Bus \t10.0.0.0 - 10.0.0.26", "product_id": "T023793", "product_identification_helper": { "cpe": "cpe:/a:ibm:integration_bus:10.0.0.0_-_10.0.0.26" } } } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-23541", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in IBM Integration Bus. Diese besteht in \"Auth0 jsonwebtoken\" aufgrund einer unsicheren Implementierung der Schl\u00fcsselabfragefunktion. Ein authentisierter Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T023793" ] }, "release_date": "2023-01-29T23:00:00Z", "title": "CVE-2022-23541" }, { "cve": "CVE-2022-23540", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in IBM Integration Bus, aufgund eines unsicheren Standardalgorithmus in der Funktion \"jwt.verify()\" in \"Auth0 jsonwebtoken\". Ein authentisierter Angreifer kann das ausnutzen, um Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T023793" ] }, "release_date": "2023-01-29T23:00:00Z", "title": "CVE-2022-23540" }, { "cve": "CVE-2022-23539", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in IBM Integration Bus. Durch einen nicht sachgem\u00e4\u00df eingeschr\u00e4nkten Schl\u00fcsseltyp in \"Auth0 jsonwebtoken\" kann die Verwendung von Legacy-Schl\u00fcsseln zu erm\u00f6glicht werden. Ein authentisierter Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T023793" ] }, "release_date": "2023-01-29T23:00:00Z", "title": "CVE-2022-23539" }, { "cve": "CVE-2022-23529", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in IBM Integration Bus. Durch die \"jwt.verify\" Funktion in \"Auth0 jsonwebtoken\" werden Eingaben nur ungen\u00fcgend \u00fcberpr\u00fcft. Ein authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auf dem System auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T023793" ] }, "release_date": "2023-01-29T23:00:00Z", "title": "CVE-2022-23529" } ] }
wid-sec-w-2023-1208
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "BigFix ist eine L\u00f6sung zum Erkennen und Verwalten von physischen und virtuellen Endpunkten.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in HCL BigFix ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1208 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1208.json" }, { "category": "self", "summary": "WID-SEC-2023-1208 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1208" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-035866B576 vom 2023-10-05", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-035866b576" }, { "category": "external", "summary": "IBM Security Bulletin 7030667 vom 2023-09-05", "url": "https://www.ibm.com/support/pages/node/7030667" }, { "category": "external", "summary": "IBM Security Bulletin 7023212 vom 2023-08-09", "url": "https://www.ibm.com/support/pages/node/7023212" }, { "category": "external", "summary": "HCL Security Advisory vom 2023-05-14", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0104732" } ], "source_lang": "en-US", "title": "HCL BigFix: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-10-05T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:27:34.189+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1208", "initial_release_date": "2023-05-14T22:00:00.000+00:00", "revision_history": [ { "date": "2023-05-14T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-08-09T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2023-09-05T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2023-10-05T22:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Fedora aufgenommen" } ], "status": "final", "version": "4" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Fedora Linux", "product": { "name": "Fedora Linux", "product_id": "74185", "product_identification_helper": { "cpe": "cpe:/o:fedoraproject:fedora:-" } } } ], "category": "vendor", "name": "Fedora" }, { "branches": [ { "category": "product_name", "name": "HCL BigFix", "product": { "name": "HCL BigFix", "product_id": "T027730", "product_identification_helper": { "cpe": "cpe:/a:hcltech:bigfix:-" } } } ], "category": "vendor", "name": "HCL" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM MQ 9.1", "product": { "name": "IBM MQ 9.1", "product_id": "T014765", "product_identification_helper": { "cpe": "cpe:/a:ibm:mq:9.1" } } }, { "category": "product_name", "name": "IBM MQ 9.0", "product": { "name": "IBM MQ 9.0", "product_id": "T014766", "product_identification_helper": { "cpe": "cpe:/a:ibm:mq:9.0" } } }, { "category": "product_name", "name": "IBM MQ 9.2", "product": { "name": "IBM MQ 9.2", "product_id": "T016984", "product_identification_helper": { "cpe": "cpe:/a:ibm:mq:9.2" } } } ], "category": "product_name", "name": "MQ" }, { "category": "product_name", "name": "IBM Tivoli Business Service Manager 6.2.0", "product": { "name": "IBM Tivoli Business Service Manager 6.2.0", "product_id": "T014092", "product_identification_helper": { "cpe": "cpe:/a:ibm:tivoli_business_service_manager:6.2.0" } } } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-26118", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"angular\" sowie \"jsonwebtoken\" zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T014092", "T014766", "T014765", "T016984", "T027730", "74185" ] }, "release_date": "2023-05-14T22:00:00Z", "title": "CVE-2023-26118" }, { "cve": "CVE-2023-26117", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"angular\" sowie \"jsonwebtoken\" zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T014092", "T014766", "T014765", "T016984", "T027730", "74185" ] }, "release_date": "2023-05-14T22:00:00Z", "title": "CVE-2023-26117" }, { "cve": "CVE-2023-26116", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"angular\" sowie \"jsonwebtoken\" zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T014092", "T014766", "T014765", "T016984", "T027730", "74185" ] }, "release_date": "2023-05-14T22:00:00Z", "title": "CVE-2023-26116" }, { "cve": "CVE-2022-23541", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"angular\" sowie \"jsonwebtoken\" zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T014092", "T014766", "T014765", "T016984", "T027730", "74185" ] }, "release_date": "2023-05-14T22:00:00Z", "title": "CVE-2022-23541" }, { "cve": "CVE-2022-23540", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"angular\" sowie \"jsonwebtoken\" zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T014092", "T014766", "T014765", "T016984", "T027730", "74185" ] }, "release_date": "2023-05-14T22:00:00Z", "title": "CVE-2022-23540" }, { "cve": "CVE-2022-23539", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"angular\" sowie \"jsonwebtoken\" zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T014092", "T014766", "T014765", "T016984", "T027730", "74185" ] }, "release_date": "2023-05-14T22:00:00Z", "title": "CVE-2022-23539" } ] }
wid-sec-w-2023-1295
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service zu verursachen.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1295 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1295.json" }, { "category": "self", "summary": "WID-SEC-2023-1295 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1295" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3645 vom 2023-06-16", "url": "https://access.redhat.com/errata/RHSA-2023:3645" }, { "category": "external", "summary": "RedHat Security Advisory vom 2023-05-23", "url": "https://access.redhat.com/errata/RHSA-2023:3265" } ], "source_lang": "en-US", "title": "Red Hat OpenShift: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-06-15T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:28:50.292+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1295", "initial_release_date": "2023-05-23T22:00:00.000+00:00", "revision_history": [ { "date": "2023-05-23T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-06-15T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "category": "product_name", "name": "Red Hat OpenShift Data Foundation 4", "product": { "name": "Red Hat OpenShift Data Foundation 4", "product_id": "T022509", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform_4" } } } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-24999", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in Red Hat OpenShift. Im express.js npm-Paket von nodejs:14 module stream besteht ein Prototyp-Pollution-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen." } ], "product_status": { "known_affected": [ "67646", "T022509" ] }, "release_date": "2023-05-23T22:00:00Z", "title": "CVE-2022-24999" }, { "cve": "CVE-2022-23539", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in Red Hat OpenShift. Bestimmte Versionen der jsonwebtoken-Bibliothek k\u00f6nnen falsch konfiguriert werden, so dass veraltete, unsichere Schl\u00fcsseltypen f\u00fcr die Signaturpr\u00fcfung verwendet werden. Ein authentisierter Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "67646", "T022509" ] }, "release_date": "2023-05-23T22:00:00Z", "title": "CVE-2022-23539" } ] }
WID-SEC-W-2023-1295
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service zu verursachen.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1295 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1295.json" }, { "category": "self", "summary": "WID-SEC-2023-1295 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1295" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3645 vom 2023-06-16", "url": "https://access.redhat.com/errata/RHSA-2023:3645" }, { "category": "external", "summary": "RedHat Security Advisory vom 2023-05-23", "url": "https://access.redhat.com/errata/RHSA-2023:3265" } ], "source_lang": "en-US", "title": "Red Hat OpenShift: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-06-15T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:28:50.292+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1295", "initial_release_date": "2023-05-23T22:00:00.000+00:00", "revision_history": [ { "date": "2023-05-23T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-06-15T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "category": "product_name", "name": "Red Hat OpenShift Data Foundation 4", "product": { "name": "Red Hat OpenShift Data Foundation 4", "product_id": "T022509", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform_4" } } } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-24999", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in Red Hat OpenShift. Im express.js npm-Paket von nodejs:14 module stream besteht ein Prototyp-Pollution-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen." } ], "product_status": { "known_affected": [ "67646", "T022509" ] }, "release_date": "2023-05-23T22:00:00Z", "title": "CVE-2022-24999" }, { "cve": "CVE-2022-23539", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in Red Hat OpenShift. Bestimmte Versionen der jsonwebtoken-Bibliothek k\u00f6nnen falsch konfiguriert werden, so dass veraltete, unsichere Schl\u00fcsseltypen f\u00fcr die Signaturpr\u00fcfung verwendet werden. Ein authentisierter Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "67646", "T022509" ] }, "release_date": "2023-05-23T22:00:00Z", "title": "CVE-2022-23539" } ] }
WID-SEC-W-2023-1208
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "BigFix ist eine L\u00f6sung zum Erkennen und Verwalten von physischen und virtuellen Endpunkten.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in HCL BigFix ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1208 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1208.json" }, { "category": "self", "summary": "WID-SEC-2023-1208 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1208" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2023-035866B576 vom 2023-10-05", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-035866b576" }, { "category": "external", "summary": "IBM Security Bulletin 7030667 vom 2023-09-05", "url": "https://www.ibm.com/support/pages/node/7030667" }, { "category": "external", "summary": "IBM Security Bulletin 7023212 vom 2023-08-09", "url": "https://www.ibm.com/support/pages/node/7023212" }, { "category": "external", "summary": "HCL Security Advisory vom 2023-05-14", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0104732" } ], "source_lang": "en-US", "title": "HCL BigFix: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-10-05T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:27:34.189+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1208", "initial_release_date": "2023-05-14T22:00:00.000+00:00", "revision_history": [ { "date": "2023-05-14T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-08-09T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2023-09-05T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2023-10-05T22:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Fedora aufgenommen" } ], "status": "final", "version": "4" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Fedora Linux", "product": { "name": "Fedora Linux", "product_id": "74185", "product_identification_helper": { "cpe": "cpe:/o:fedoraproject:fedora:-" } } } ], "category": "vendor", "name": "Fedora" }, { "branches": [ { "category": "product_name", "name": "HCL BigFix", "product": { "name": "HCL BigFix", "product_id": "T027730", "product_identification_helper": { "cpe": "cpe:/a:hcltech:bigfix:-" } } } ], "category": "vendor", "name": "HCL" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM MQ 9.1", "product": { "name": "IBM MQ 9.1", "product_id": "T014765", "product_identification_helper": { "cpe": "cpe:/a:ibm:mq:9.1" } } }, { "category": "product_name", "name": "IBM MQ 9.0", "product": { "name": "IBM MQ 9.0", "product_id": "T014766", "product_identification_helper": { "cpe": "cpe:/a:ibm:mq:9.0" } } }, { "category": "product_name", "name": "IBM MQ 9.2", "product": { "name": "IBM MQ 9.2", "product_id": "T016984", "product_identification_helper": { "cpe": "cpe:/a:ibm:mq:9.2" } } } ], "category": "product_name", "name": "MQ" }, { "category": "product_name", "name": "IBM Tivoli Business Service Manager 6.2.0", "product": { "name": "IBM Tivoli Business Service Manager 6.2.0", "product_id": "T014092", "product_identification_helper": { "cpe": "cpe:/a:ibm:tivoli_business_service_manager:6.2.0" } } } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-26118", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"angular\" sowie \"jsonwebtoken\" zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T014092", "T014766", "T014765", "T016984", "T027730", "74185" ] }, "release_date": "2023-05-14T22:00:00Z", "title": "CVE-2023-26118" }, { "cve": "CVE-2023-26117", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"angular\" sowie \"jsonwebtoken\" zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T014092", "T014766", "T014765", "T016984", "T027730", "74185" ] }, "release_date": "2023-05-14T22:00:00Z", "title": "CVE-2023-26117" }, { "cve": "CVE-2023-26116", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"angular\" sowie \"jsonwebtoken\" zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T014092", "T014766", "T014765", "T016984", "T027730", "74185" ] }, "release_date": "2023-05-14T22:00:00Z", "title": "CVE-2023-26116" }, { "cve": "CVE-2022-23541", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"angular\" sowie \"jsonwebtoken\" zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T014092", "T014766", "T014765", "T016984", "T027730", "74185" ] }, "release_date": "2023-05-14T22:00:00Z", "title": "CVE-2022-23541" }, { "cve": "CVE-2022-23540", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"angular\" sowie \"jsonwebtoken\" zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T014092", "T014766", "T014765", "T016984", "T027730", "74185" ] }, "release_date": "2023-05-14T22:00:00Z", "title": "CVE-2022-23540" }, { "cve": "CVE-2022-23539", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"angular\" sowie \"jsonwebtoken\" zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T014092", "T014766", "T014765", "T016984", "T027730", "74185" ] }, "release_date": "2023-05-14T22:00:00Z", "title": "CVE-2022-23539" } ] }
wid-sec-w-2023-0218
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "IBM Integration Bus ist ein \"lightweight\" ESB, welche die Integration von SOAP oder non-SOAP Datenquellen von verschiedenen Plattformen erm\u00f6glicht.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in IBM Integration Bus ausnutzen, um beliebigen Programmcode auszuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0218 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0218.json" }, { "category": "self", "summary": "WID-SEC-2023-0218 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0218" }, { "category": "external", "summary": "IBM Security Bulletin vom 2023-01-29", "url": "https://www.ibm.com/support/pages/node/6890605" } ], "source_lang": "en-US", "title": "IBM Integration Bus: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-01-29T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:12:06.600+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0218", "initial_release_date": "2023-01-29T23:00:00.000+00:00", "revision_history": [ { "date": "2023-01-29T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM Integration Bus \t10.0.0.0 - 10.0.0.26", "product": { "name": "IBM Integration Bus \t10.0.0.0 - 10.0.0.26", "product_id": "T023793", "product_identification_helper": { "cpe": "cpe:/a:ibm:integration_bus:10.0.0.0_-_10.0.0.26" } } } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-23541", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in IBM Integration Bus. Diese besteht in \"Auth0 jsonwebtoken\" aufgrund einer unsicheren Implementierung der Schl\u00fcsselabfragefunktion. Ein authentisierter Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T023793" ] }, "release_date": "2023-01-29T23:00:00Z", "title": "CVE-2022-23541" }, { "cve": "CVE-2022-23540", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in IBM Integration Bus, aufgund eines unsicheren Standardalgorithmus in der Funktion \"jwt.verify()\" in \"Auth0 jsonwebtoken\". Ein authentisierter Angreifer kann das ausnutzen, um Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T023793" ] }, "release_date": "2023-01-29T23:00:00Z", "title": "CVE-2022-23540" }, { "cve": "CVE-2022-23539", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in IBM Integration Bus. Durch einen nicht sachgem\u00e4\u00df eingeschr\u00e4nkten Schl\u00fcsseltyp in \"Auth0 jsonwebtoken\" kann die Verwendung von Legacy-Schl\u00fcsseln zu erm\u00f6glicht werden. Ein authentisierter Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "T023793" ] }, "release_date": "2023-01-29T23:00:00Z", "title": "CVE-2022-23539" }, { "cve": "CVE-2022-23529", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in IBM Integration Bus. Durch die \"jwt.verify\" Funktion in \"Auth0 jsonwebtoken\" werden Eingaben nur ungen\u00fcgend \u00fcberpr\u00fcft. Ein authentisierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auf dem System auszuf\u00fchren." } ], "product_status": { "known_affected": [ "T023793" ] }, "release_date": "2023-01-29T23:00:00Z", "title": "CVE-2022-23529" } ] }
rhsa-2023_3265
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.3 on Red Hat Enterprise Linux 8 from Red Hat Container Registry.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3-compatible API.\n\nSecurity Fix(es):\n\n* jsonwebtoken: Unrestricted key type could lead to legacy keys usagen (CVE-2022-23539)\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Previously, odf-csi-addons-operator had low memory resource limit and as a result the odf-csi-addons-operator pod was OOMKilled (out of memory). With this fix, the default memory and the CPU resource limit has been increased and odf-csi-addons-operator OOMKills are not observed. (BZ#2177184)\n\n* Previously, non optimized database related flows on deletions caused Multicloud Object Gateway to spike in CPU usage and perform slowly on mass delete scenarios. For example, reclaiming a deleted object bucket claim (OBC). With this fix, indexes for the bucket reclaimer process are optimized, a new index is added to the database to speed up the database cleaner flows, and bucket reclaimer changes are introduced to work on batches of objects. (BZ#2186482)\n\n* Previously, the list of regions for creating the default Multicloud Object Gateway backing store on AWS did not have the new regions that were added recently to AWS. With this fix, the new regions are included to the list of regions and it is possible to deploy default backing store on the new regions. (BZ#2187637)\n\n* Previously, creating a storage system in OpenShift Data Foundation using an external Ceph cluster would fail if the RADOS block device (RBD) pool name contained an underscore (_) or a period(.). With this fix, the Python script (`ceph-external-cluster-details-exporter.py`) is enhanced to contain underscore (_) and period (.) so that an alias for the RBD pool names can be passed in. This alias allows the OpenShift Data Foundation to adopt an external Ceph cluster with RBD pool names containing an underscore(_) or a period(.). (BZ#2188379)\n\nAll users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:3265", "url": "https://access.redhat.com/errata/RHSA-2023:3265" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "2155978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155978" }, { "category": "external", "summary": "2167304", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167304" }, { "category": "external", "summary": "2174336", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174336" }, { "category": "external", "summary": "2177184", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177184" }, { "category": "external", "summary": "2179235", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179235" }, { "category": "external", "summary": "2180685", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180685" }, { "category": "external", "summary": "2180724", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180724" }, { "category": "external", "summary": "2183687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183687" }, { "category": "external", "summary": "2185190", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185190" }, { "category": "external", "summary": "2185725", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185725" }, { "category": "external", "summary": "2186443", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186443" }, { "category": "external", "summary": "2186482", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186482" }, { "category": "external", "summary": "2187765", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187765" }, { "category": "external", "summary": "2187796", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187796" }, { "category": "external", "summary": "2187799", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187799" }, { "category": "external", "summary": "2188228", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188228" }, { "category": "external", "summary": "2188327", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188327" }, { "category": "external", "summary": "2188667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188667" }, { "category": "external", "summary": "2190005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190005" }, { "category": "external", "summary": "2190140", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190140" }, { "category": "external", "summary": "2190393", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190393" }, { "category": "external", "summary": "2192821", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192821" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3265.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.3 Security and Bug fix update", "tracking": { "current_release_date": "2024-12-17T23:03:20+00:00", "generator": { "date": "2024-12-17T23:03:20+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2023:3265", "initial_release_date": "2023-05-23T09:17:22+00:00", "revision_history": [ { "date": "2023-05-23T09:17:22+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-05-23T09:17:22+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T23:03:20+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHODF 4.12 for RHEL 8", "product": { "name": "RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_data_foundation:4.12::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Data Foundation" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "product": { "name": "odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "product_id": "odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64", "product": { "name": "odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64", "product_id": "odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel8\u0026tag=v4.12.3-4" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "product": { "name": "odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "product_id": "odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "product": { "name": "odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "product_id": "odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "product_id": "odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "product": { "name": "odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "product_id": "odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel8-operator\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "product": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "product_id": "odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel8\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "product": { "name": "odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "product_id": "odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "product": { "name": "odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "product_id": "odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "product": { "name": "odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "product_id": "odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "product": { "name": "odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "product_id": "odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "product": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "product_id": "odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "product_id": "odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel8\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "product": { "name": "odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "product_id": "odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel8\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "product": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "product_id": "odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "product": { "name": "odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "product_id": "odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "product": { "name": "odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "product_id": "odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "product_id": "odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "product_id": "odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "product": { "name": "odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "product_id": "odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "product": { "name": "odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "product_id": "odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=v4.12.3-7" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "product": { "name": "odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "product_id": "odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "product": { "name": "odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "product_id": "odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel8\u0026tag=v4.12.3-4" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "product": { "name": "odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "product_id": "odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "product": { "name": "odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "product_id": "odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "product_id": "odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "product": { "name": "odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "product_id": "odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel8-operator\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "product": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "product_id": "odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel8\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "product": { "name": "odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "product_id": "odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "product": { "name": "odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "product_id": "odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "product": { "name": "odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "product_id": "odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "product": { "name": "odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "product_id": "odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "product": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "product_id": "odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "product_id": "odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel8\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "product": { "name": "odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "product_id": "odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel8\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "product": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "product_id": "odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "product": { "name": "odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "product_id": "odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "product": { "name": "odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "product_id": "odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "product_id": "odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "product_id": "odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "product": { "name": "odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "product_id": "odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "product": { "name": "odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "product_id": "odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=v4.12.3-7" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "product": { "name": "odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "product_id": "odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "product": { "name": "odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "product_id": "odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel8\u0026tag=v4.12.3-4" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "product": { "name": "odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "product_id": "odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "product": { "name": "odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "product_id": "odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "product_id": "odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "product": { "name": "odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "product_id": "odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel8-operator\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "product": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "product_id": "odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel8\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "product": { "name": "odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "product_id": "odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "product": { "name": "odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "product_id": "odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "product": { "name": "odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "product_id": "odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "product": { "name": "odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "product_id": "odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "product": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "product_id": "odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "product_id": "odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel8\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "product": { "name": "odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "product_id": "odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel8\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "product": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "product_id": "odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "product": { "name": "odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "product_id": "odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "product": { "name": "odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "product_id": "odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "product_id": "odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "product_id": "odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "product": { "name": "odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "product_id": "odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x", "product": { "name": "odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x", "product_id": "odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=v4.12.3-7" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le" }, "product_reference": "odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x" }, "product_reference": "odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64" }, "product_reference": "odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le" }, "product_reference": "odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x" }, "product_reference": "odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64" }, "product_reference": "odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64" }, "product_reference": "odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x" }, "product_reference": "odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le" }, "product_reference": "odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le" }, "product_reference": "odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x" }, "product_reference": "odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64" }, "product_reference": "odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64" }, "product_reference": "odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le" }, "product_reference": "odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x" }, "product_reference": "odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64" }, "product_reference": "odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le" }, "product_reference": "odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x" }, "product_reference": "odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x" }, "product_reference": "odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le" }, "product_reference": "odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64" }, "product_reference": "odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x" }, "product_reference": "odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64" }, "product_reference": "odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le" }, "product_reference": "odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64" }, "product_reference": "odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x" }, "product_reference": "odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le" }, "product_reference": "odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le" }, "product_reference": "odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64" }, "product_reference": "odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x" }, "product_reference": "odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le" }, "product_reference": "odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64" }, "product_reference": "odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x" }, "product_reference": "odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x" }, "product_reference": "odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le" }, "product_reference": "odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64" }, "product_reference": "odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le" }, "product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x" }, "product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64" }, "product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le" }, "product_reference": "odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x" }, "product_reference": "odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64" }, "product_reference": "odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x" }, "product_reference": "odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64" }, "product_reference": "odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le" }, "product_reference": "odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64" }, "product_reference": "odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le" }, "product_reference": "odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x" }, "product_reference": "odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le" }, "product_reference": "odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64" }, "product_reference": "odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x" }, "product_reference": "odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-23539", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2022-12-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155978" } ], "notes": [ { "category": "description", "text": "A flaw was found in the jsonwebtoken package. The affected versions of the `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm.", "title": "Vulnerability description" }, { "category": "summary", "text": "jsonwebtoken: Unrestricted key type could lead to legacy keys usagen", "title": "Vulnerability summary" }, { "category": "other", "text": "The jsonwebtoken package is a transitive dependency and is not used directly in any of the Red Hat products. Hence, the impact is set to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64" ], "known_not_affected": [ "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23539" }, { "category": "external", "summary": "RHBZ#2155978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155978" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23539", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23539" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23539", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23539" }, { "category": "external", "summary": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33", "url": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33" } ], "release_date": "2022-12-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-05-23T09:17:22+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3265" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jsonwebtoken: Unrestricted key type could lead to legacy keys usagen" }, { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64" ], "known_not_affected": [ "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-05-23T09:17:22+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3265" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" } ] }
gsd-2022-23539
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2022-23539", "id": "GSD-2022-23539" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2022-23539" ], "details": "Versions `\u003c=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a combination listed in the GitHub Security Advisory as unaffected. This issue has been fixed, please update to version 9.0.0. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, if you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you\u2019ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions.", "id": "GSD-2022-23539", "modified": "2023-12-13T01:19:34.917196Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-23539", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "node-jsonwebtoken", "version": { "version_data": [ { "version_affected": "=", "version_value": "\u003c= 8.5.1" } ] } } ] }, "vendor_name": "auth0" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Versions `\u003c=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a combination listed in the GitHub Security Advisory as unaffected. This issue has been fixed, please update to version 9.0.0. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, if you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you\u2019ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions." } ] }, "impact": { "cvss": [ { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N", "version": "3.1" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "cweId": "CWE-327", "lang": "eng", "value": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3", "refsource": "MISC", "url": "https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3" }, { "name": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33", "refsource": "MISC", "url": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33" } ] }, "source": { "advisory": "GHSA-8cf7-32gw-wr33", "discovery": "UNKNOWN" } }, "gitlab.com": { "advisories": [ { "affected_range": "\u003c=8.5.1", "affected_versions": "All versions up to 8.5.1", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "cwe_ids": [ "CWE-1035", "CWE-327", "CWE-937" ], "date": "2022-12-30", "description": "Versions `\u003c=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a combination listed in the GitHub Security Advisory as unaffected. This issue has been fixed, please update to version 9.0.0. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, if you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you\u2019ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions.", "fixed_versions": [ "9.0.0" ], "identifier": "CVE-2022-23539", "identifiers": [ "CVE-2022-23539", "GHSA-8cf7-32gw-wr33" ], "not_impacted": "All versions after 8.5.1", "package_slug": "npm/jsonwebtoken", "pubdate": "2022-12-23", "solution": "Upgrade to version 9.0.0 or above.", "title": "Use of a Broken or Risky Cryptographic Algorithm", "urls": [ "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33", "https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3", "https://nvd.nist.gov/vuln/detail/CVE-2022-23539", "https://github.com/advisories/GHSA-8cf7-32gw-wr33" ], "uuid": "ca4f7d80-4b87-47cc-8389-e60920e08f56" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:auth0:jsonwebtoken:*:*:*:*:*:node.js:*:*", "cpe_name": [], "versionEndIncluding": "8.5.1", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-23539" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Versions `\u003c=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a combination listed in the GitHub Security Advisory as unaffected. This issue has been fixed, please update to version 9.0.0. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, if you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you\u2019ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-327" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33" }, { "name": "https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3" } ] } }, "impact": { "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.2 } }, "lastModifiedDate": "2022-12-30T21:48Z", "publishedDate": "2022-12-23T00:15Z" } } }
ghsa-8cf7-32gw-wr33
Vulnerability from github
Overview
Versions <=8.5.1
of jsonwebtoken
library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm.
Am I affected?
You are affected if you are using an algorithm and a key type other than the combinations mentioned below
| Key type | algorithm | |----------|------------------------------------------| | ec | ES256, ES384, ES512 | | rsa | RS256, RS384, RS512, PS256, PS384, PS512 | | rsa-pss | PS256, PS384, PS512 |
And for Elliptic Curve algorithms:
| alg
| Curve |
|-------|------------|
| ES256 | prime256v1 |
| ES384 | secp384r1 |
| ES512 | secp521r1 |
How do I fix it?
Update to version 9.0.0. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, If you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you’ll need to set the allowInvalidAsymmetricKeyTypes
option to true
in the sign()
and/or verify()
functions.
Will the fix impact my users?
There will be no impact, if you update to version 9.0.0 and you already use a valid secure combination of key type and algorithm. Otherwise, use the allowInvalidAsymmetricKeyTypes
option to true
in the sign()
and verify()
functions to continue usage of invalid key type/algorithm combination in 9.0.0 for legacy compatibility.
{ "affected": [ { "database_specific": { "last_known_affected_version_range": "\u003c= 8.5.1" }, "package": { "ecosystem": "npm", "name": "jsonwebtoken" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "9.0.0" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2022-23539" ], "database_specific": { "cwe_ids": [ "CWE-327" ], "github_reviewed": true, "github_reviewed_at": "2022-12-22T03:32:22Z", "nvd_published_at": "2022-12-23T00:15:00Z", "severity": "HIGH" }, "details": "# Overview\n\nVersions `\u003c=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. \n\n# Am I affected?\n\nYou are affected if you are using an algorithm and a key type other than the combinations mentioned below\n\n| Key type | algorithm |\n|----------|------------------------------------------|\n| ec | ES256, ES384, ES512 |\n| rsa | RS256, RS384, RS512, PS256, PS384, PS512 |\n| rsa-pss | PS256, PS384, PS512 |\n\nAnd for Elliptic Curve algorithms:\n\n| `alg` | Curve |\n|-------|------------|\n| ES256 | prime256v1 |\n| ES384 | secp384r1 |\n| ES512 | secp521r1 |\n\n# How do I fix it?\n\nUpdate to version 9.0.0. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, If you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you\u2019ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions.\n\n# Will the fix impact my users?\n\nThere will be no impact, if you update to version 9.0.0 and you already use a valid secure combination of key type and algorithm. Otherwise, use the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and `verify()` functions to continue usage of invalid key type/algorithm combination in 9.0.0 for legacy compatibility. \n\n", "id": "GHSA-8cf7-32gw-wr33", "modified": "2024-06-24T21:23:38Z", "published": "2022-12-22T03:32:22Z", "references": [ { "type": "WEB", "url": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23539" }, { "type": "WEB", "url": "https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3" }, { "type": "PACKAGE", "url": "https://github.com/auth0/node-jsonwebtoken" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20240621-0007" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "type": "CVSS_V3" } ], "summary": "jsonwebtoken unrestricted key type could lead to legacy keys usage " }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.