Action not permitted
Modal body text goes here.
cve-2023-28366
Vulnerability from cvelistv5
Published
2023-09-01 00:00
Modified
2024-08-02 12:38
Severity ?
EPSS score ?
Summary
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:25.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
},
{
"name": "FEDORA-2023-9adc4be8b0",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X/"
},
{
"name": "DSA-5511",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5511"
},
{
"name": "GLSA-202401-09",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-09"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T10:06:19.321332",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16"
},
{
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt"
},
{
"url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/"
},
{
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
},
{
"name": "FEDORA-2023-9adc4be8b0",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X/"
},
{
"name": "DSA-5511",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5511"
},
{
"name": "GLSA-202401-09",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202401-09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-28366",
"datePublished": "2023-09-01T00:00:00",
"dateReserved": "2023-03-15T00:00:00",
"dateUpdated": "2024-08-02T12:38:25.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-28366\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-09-01T16:15:07.790\",\"lastModified\":\"2024-01-07T10:15:08.467\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.\"},{\"lang\":\"es\",\"value\":\"El intermediario en Eclipse Mosquitto 1.3.2 hasta 2.x anterior a 2.0.16 tiene una p\u00e9rdida de memoria de la que se puede abusar de forma remota cuando un cliente env\u00eda muchos mensajes QoS 2 con ID de mensajes duplicados y no responde a los comandos PUBREC. Esto ocurre debido a un mal manejo de EAGAIN desde la funci\u00f3n de env\u00edo de libc.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-401\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.3.2\",\"versionEndExcluding\":\"2.0.16\",\"matchCriteriaId\":\"489726DB-BC82-41A1-AB84-800B80E459A1\"}]}]}],\"references\":[{\"url\":\"https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://mosquitto.org/blog/2023/08/version-2-0-16-released/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-09\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5511\",\"source\":\"cve@mitre.org\"}]}}"
}
}
gsd-2023-28366
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-28366",
"id": "GSD-2023-28366"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-28366"
],
"details": "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.",
"id": "GSD-2023-28366",
"modified": "2023-12-13T01:20:48.493869Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-28366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16",
"refsource": "MISC",
"url": "https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16"
},
{
"name": "https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt",
"refsource": "MISC",
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt"
},
{
"name": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/",
"refsource": "CONFIRM",
"url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/"
},
{
"name": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9",
"refsource": "CONFIRM",
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
},
{
"name": "FEDORA-2023-9adc4be8b0",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X/"
},
{
"name": "DSA-5511",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2023/dsa-5511"
},
{
"name": "GLSA-202401-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202401-09"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*",
"matchCriteriaId": "489726DB-BC82-41A1-AB84-800B80E459A1",
"versionEndExcluding": "2.0.16",
"versionStartIncluding": "1.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function."
},
{
"lang": "es",
"value": "El intermediario en Eclipse Mosquitto 1.3.2 hasta 2.x anterior a 2.0.16 tiene una p\u00e9rdida de memoria de la que se puede abusar de forma remota cuando un cliente env\u00eda muchos mensajes QoS 2 con ID de mensajes duplicados y no responde a los comandos PUBREC. Esto ocurre debido a un mal manejo de EAGAIN desde la funci\u00f3n de env\u00edo de libc."
}
],
"id": "CVE-2023-28366",
"lastModified": "2024-01-07T10:15:08.467",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-01T16:15:07.790",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X/"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/202401-09"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt"
},
{
"source": "cve@mitre.org",
"url": "https://www.debian.org/security/2023/dsa-5511"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
wid-sec-w-2023-2724
Vulnerability from csaf_certbund
Published
2023-10-22 22:00
Modified
2023-10-22 22:00
Summary
IBM Integration Bus: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Integration Bus ist eine "lightweight" ESB, welche die Integration von SOAP oder non-SOAP Datenquellen von verschiedenen Plattformen ermöglicht.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Integration Bus ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- Windows
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Integration Bus ist eine \"lightweight\" ESB, welche die Integration von SOAP oder non-SOAP Datenquellen von verschiedenen Plattformen erm\u00f6glicht.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Integration Bus ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2724 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2724.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2724 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2724"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 7056518 vom 2023-10-22",
"url": "https://www.ibm.com/support/pages/node/7056518"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 7056456 vom 2023-10-22",
"url": "https://www.ibm.com/support/pages/node/7056456"
}
],
"source_lang": "en-US",
"title": "IBM Integration Bus: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
"tracking": {
"current_release_date": "2023-10-22T22:00:00.000+00:00",
"generator": {
"date": "2024-02-15T17:48:48.447+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2023-2724",
"initial_release_date": "2023-10-22T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-10-22T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Integration Bus 10.1 - 10.1.0.1",
"product": {
"name": "IBM Integration Bus 10.1 - 10.1.0.1",
"product_id": "T028402",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:integration_bus:10.1_-_10.1.0.1"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3635",
"notes": [
{
"category": "description",
"text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T028402"
]
},
"release_date": "2023-10-22T22:00:00Z",
"title": "CVE-2023-3635"
},
{
"cve": "CVE-2023-3592",
"notes": [
{
"category": "description",
"text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T028402"
]
},
"release_date": "2023-10-22T22:00:00Z",
"title": "CVE-2023-3592"
},
{
"cve": "CVE-2023-28366",
"notes": [
{
"category": "description",
"text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T028402"
]
},
"release_date": "2023-10-22T22:00:00Z",
"title": "CVE-2023-28366"
},
{
"cve": "CVE-2023-0809",
"notes": [
{
"category": "description",
"text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T028402"
]
},
"release_date": "2023-10-22T22:00:00Z",
"title": "CVE-2023-0809"
}
]
}
rhsa-2024_1061
Vulnerability from csaf_redhat
Published
2024-02-29 20:37
Modified
2024-11-06 05:07
Summary
Red Hat Security Advisory: Red Hat Satellite 6 security and bug fix update
Notes
Topic
An update is now available for Red Hat Satellite 6.13 for RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Satellite is a system management solution that allows organizations to
configure and maintain their systems without the necessity to provide public
Internet access to their servers or other client systems. It performs
provisioning and configuration management of predefined standard operating
environments.
Security Fix(es):
* satellite: Blind SSRF via Referer header (CVE-2022-4130)
* mosquitto: memory leak leads to unresponsive broker (CVE-2023-0809, CVE-2023-28366, CVE-2023-3592)
* foreman: World readable file containing secrets (CVE-2023-4886)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Long running postgres threads during content-export (BZ#2257299)
* After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync (BZ#2257300)
* Actions::ForemanLeapp::PreupgradeJob fails with null value in column "preupgrade_report_id" violates not-null constraint when run with non-admin user (BZ#2257302)
* Puppet reports without any messages don't get an origin (BZ#2257314)
* Provisioning vm host fails with error "Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)". (BZ#2257316)
* [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync (BZ#2260526)
* Support Satellite Clone running on Python 3.12 (BZ#2264354)
* Support Satellite Ansible Collection running on Python 3.12 (BZ#2264918)
* Unable to sync library/busybox from gcr.io (BZ#2265149)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Satellite 6.13 for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations to\nconfigure and maintain their systems without the necessity to provide public\nInternet access to their servers or other client systems. It performs\nprovisioning and configuration management of predefined standard operating\nenvironments.\n\nSecurity Fix(es):\n\n* satellite: Blind SSRF via Referer header (CVE-2022-4130)\n\n* mosquitto: memory leak leads to unresponsive broker (CVE-2023-0809, CVE-2023-28366, CVE-2023-3592)\n\n* foreman: World readable file containing secrets (CVE-2023-4886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Long running postgres threads during content-export (BZ#2257299)\n\n* After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync (BZ#2257300)\n\n* Actions::ForemanLeapp::PreupgradeJob fails with null value in column \"preupgrade_report_id\" violates not-null constraint when run with non-admin user (BZ#2257302)\n\n* Puppet reports without any messages don\u0027t get an origin (BZ#2257314)\n\n* Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". (BZ#2257316)\n\n* [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync (BZ#2260526)\n\n* Support Satellite Clone running on Python 3.12 (BZ#2264354)\n\n* Support Satellite Ansible Collection running on Python 3.12 (BZ#2264918)\n\n* Unable to sync library/busybox from gcr.io (BZ#2265149)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1061",
"url": "https://access.redhat.com/errata/RHSA-2024:1061"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2145254",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145254"
},
{
"category": "external",
"summary": "2230135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
},
{
"category": "external",
"summary": "2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "2257299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257299"
},
{
"category": "external",
"summary": "2257300",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257300"
},
{
"category": "external",
"summary": "2257302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257302"
},
{
"category": "external",
"summary": "2257314",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257314"
},
{
"category": "external",
"summary": "2257316",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257316"
},
{
"category": "external",
"summary": "2260526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260526"
},
{
"category": "external",
"summary": "2264354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264354"
},
{
"category": "external",
"summary": "2264918",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264918"
},
{
"category": "external",
"summary": "2265149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265149"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1061.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Satellite 6 security and bug fix update",
"tracking": {
"current_release_date": "2024-11-06T05:07:43+00:00",
"generator": {
"date": "2024-11-06T05:07:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:1061",
"initial_release_date": "2024-02-29T20:37:45+00:00",
"revision_history": [
{
"date": "2024-02-29T20:37:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-29T20:37:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T05:07:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.13::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.13::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.13::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-maintenance",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_maintenance:6.13::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "createrepo_c-0:1.0.2-2.el8pc.src",
"product": {
"name": "createrepo_c-0:1.0.2-2.el8pc.src",
"product_id": "createrepo_c-0:1.0.2-2.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.5.1.24-1.el8sat.src",
"product": {
"name": "foreman-0:3.5.1.24-1.el8sat.src",
"product_id": "foreman-0:3.5.1.24-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.5.2.7-1.el8sat.src",
"product": {
"name": "foreman-installer-1:3.5.2.7-1.el8sat.src",
"product_id": "foreman-installer-1:3.5.2.7-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mosquitto-0:2.0.17-1.el8sat.src",
"product": {
"name": "mosquitto-0:2.0.17-1.el8sat.src",
"product_id": "mosquitto-0:2.0.17-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-rpm-0:3.18.19-2.el8pc.src",
"product": {
"name": "python-pulp-rpm-0:3.18.19-2.el8pc.src",
"product_id": "python-pulp-rpm-0:3.18.19-2.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-rpm@3.18.19-2.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"product": {
"name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"product_id": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"product": {
"name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"product_id": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.7.0.36-1.el8sat.src",
"product": {
"name": "rubygem-katello-0:4.7.0.36-1.el8sat.src",
"product_id": "rubygem-katello-0:4.7.0.36-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.13.7-1.el8sat.src",
"product": {
"name": "satellite-0:6.13.7-1.el8sat.src",
"product_id": "satellite-0:6.13.7-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"product": {
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"product_id": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-container-0:2.14.11-1.el8pc.src",
"product": {
"name": "python-pulp-container-0:2.14.11-1.el8pc.src",
"product_id": "python-pulp-container-0:2.14.11-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-clone-0:3.5.0-1.el8sat.src",
"product": {
"name": "satellite-clone-0:3.5.0-1.el8sat.src",
"product_id": "satellite-clone-0:3.5.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-libs@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_id": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-createrepo_c@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_id": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-createrepo_c@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-debugsource@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-libs-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"product": {
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"product_id": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"product": {
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"product_id": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"product": {
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"product_id": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-service-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-service-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"product": {
"name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"product_id": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.5.1.24-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"product": {
"name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"product_id": "foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"product": {
"name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"product_id": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer-katello@3.5.2.7-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"product": {
"name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"product_id": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-rpm@3.18.19-2.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"product_id": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"product": {
"name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"product_id": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"product": {
"name": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"product_id": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.13.7-1.el8sat.noarch",
"product": {
"name": "satellite-capsule-0:6.13.7-1.el8sat.noarch",
"product_id": "satellite-capsule-0:6.13.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.13.7-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.13.7-1.el8sat.noarch",
"product": {
"name": "satellite-common-0:6.13.7-1.el8sat.noarch",
"product_id": "satellite-common-0:6.13.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.13.7-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.13.7-1.el8sat.noarch",
"product": {
"name": "satellite-0:6.13.7-1.el8sat.noarch",
"product_id": "satellite-0:6.13.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.13.7-1.el8sat.noarch",
"product": {
"name": "satellite-cli-0:6.13.7-1.el8sat.noarch",
"product_id": "satellite-cli-0:6.13.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.13.7-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"product": {
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"product_id": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"product": {
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"product_id": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-clone-0:3.5.0-1.el8sat.noarch",
"product": {
"name": "satellite-clone-0:3.5.0-1.el8sat.noarch",
"product_id": "satellite-clone-0:3.5.0-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch"
},
"product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src"
},
"product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src"
},
"product_reference": "foreman-0:3.5.1.24-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src"
},
"product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.18.19-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch"
},
"product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch"
},
"product_reference": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src"
},
"product_reference": "satellite-0:6.13.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-clone-0:3.5.0-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch"
},
"product_reference": "satellite-clone-0:3.5.0-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-clone-0:3.5.0-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src"
},
"product_reference": "satellite-clone-0:3.5.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src"
},
"product_reference": "foreman-0:3.5.1.24-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src"
},
"product_reference": "satellite-0:6.13.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch"
},
"product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src"
},
"product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src"
},
"product_reference": "foreman-0:3.5.1.24-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src"
},
"product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.18.19-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch"
},
"product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch"
},
"product_reference": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src"
},
"product_reference": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch"
},
"product_reference": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src"
},
"product_reference": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch"
},
"product_reference": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.7.0.36-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src"
},
"product_reference": "rubygem-katello-0:4.7.0.36-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src"
},
"product_reference": "satellite-0:6.13.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8",
"product_id": "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.13.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.13"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Fernando Velazquez"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2022-4130",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145254"
}
],
"notes": [
{
"category": "description",
"text": "A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker\u0027s server by modifying the Referer header in an HTTP request of specific resources in the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "satellite: Blind SSRF via Referer header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src"
],
"known_not_affected": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4130"
},
{
"category": "external",
"summary": "RHBZ#2145254",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145254"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4130",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4130"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4130",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4130"
}
],
"release_date": "2023-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-29T20:37:45+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts",
"product_ids": [
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1061"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "satellite: Blind SSRF via Referer header"
},
{
"cve": "CVE-2023-0809",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-09-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236882"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mosquitto: memory leak leads to unresponsive broker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0809"
},
{
"category": "external",
"summary": "RHBZ#2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0809"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809"
},
{
"category": "external",
"summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9",
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
}
],
"release_date": "2023-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-29T20:37:45+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts",
"product_ids": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1061"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mosquitto: memory leak leads to unresponsive broker"
},
{
"cve": "CVE-2023-3592",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-09-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236882"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mosquitto: memory leak leads to unresponsive broker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3592"
},
{
"category": "external",
"summary": "RHBZ#2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3592",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3592"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592"
},
{
"category": "external",
"summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9",
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
}
],
"release_date": "2023-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-29T20:37:45+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts",
"product_ids": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1061"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mosquitto: memory leak leads to unresponsive broker"
},
{
"cve": "CVE-2023-4886",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-08-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2230135"
}
],
"notes": [
{
"category": "description",
"text": "A sensitive information exposure vulnerability was found in foreman. Contents of tomcat\u0027s server.xml file, which contain passwords to candlepin\u0027s keystore and truststore, were found to be world readable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "foreman: World readable file containing secrets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has a limited impact on security, as candlepin\u0027s individual stores\u0027 privileges are limited to root and tomcat only. Therefore, the impact is limited to highly privileged users.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch"
],
"known_not_affected": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4886"
},
{
"category": "external",
"summary": "RHBZ#2230135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4886",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4886"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886"
}
],
"release_date": "2023-10-03T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-29T20:37:45+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts",
"product_ids": [
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1061"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "foreman: World readable file containing secrets"
},
{
"cve": "CVE-2023-28366",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-09-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236882"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mosquitto: memory leak leads to unresponsive broker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch",
"8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch",
"8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src",
"8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src",
"8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch",
"8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src",
"8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch",
"8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch",
"8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src",
"8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch",
"8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28366"
},
{
"category": "external",
"summary": "RHBZ#2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28366"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366"
},
{
"category": "external",
"summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9",
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
}
],
"release_date": "2023-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-29T20:37:45+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts",
"product_ids": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1061"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mosquitto: memory leak leads to unresponsive broker"
}
]
}
rhsa-2024_0797
Vulnerability from csaf_redhat
Published
2024-02-13 14:45
Modified
2024-11-15 21:00
Summary
Red Hat Security Advisory: Satellite 6.14.2 Async Security Update
Notes
Topic
Updated Satellite 6.14 packages that fixes Important security bugs and several
regular bugs are now available for Red Hat Satellite.
Details
Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security fix(es):
* CVE-2023-26049 (puppetserver): Cookie parsing of quoted values can exfiltrate values from other cookies
* CVE-2023-26141 (rubygem-sidekiq): Denial of Service (DoS) in dashboard-charts
* CVE-2023-36479 (puppetserver): Improper addition of quotation marks to user inputs in CgiServlet
* CVE-2023-38545 (puppet-agent): Heap-based buffer overflow in the SOCKS5 proxy handshake
* CVE-2023-40167 (puppetserver): Improper validation of HTTP/1 content-length
* CVE-2023-40175 (rubygem-puma): HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers
* CVE-2023-4785 (rubygem-grpc): File descriptor exhaustion leads to denial of service
* CVE-2023-0809, CVE-2023-28366, CVE-2023-3592 (mosquitto): Memory leak leads to unresponsive broker
This update fixes the following bugs:
2250347 - 'Sun, 11 Jun 2023 17:51:29 GMT' could not be parsed at index 0 at java.time.format.DateTimeFormatter.parseResolved
2254974 - satellite-convert2rhel-toolkit install fails on latest rpm with `/usr/bin/bash: /usr/libexec/satellite-convert2rhel-appliance/action-install.sh: No such file or directory`
2255260 - 6.14 - satellite-convert2rhel-toolkit is part of the satellite module
2257321 - Request for UEFI Kickstart Provisioning to handle naming convention for VLAN tagged interfaces of the format <parent_device>.<vlan_id> in addition to vlan<vlan_id>
2257324 - Generate applicability tasks fails with error "ERROR: insert or update on table "katello_content_facet_errata" violates foreign key constraint "katello_content_facet_errata_ca_id"
2257326 - Show failed resources in failed installation report
2257327 - Puppet reports without any messages don't get an origin
2257329 - Host registration fails with error "Attached to can't be blank" when the VLAN name includes UPPERCASE letters
2257330 - default tuning profile leaves httpd MaxClients 150 which httpd raises a warning
2257331 - Registering host through load balancer causes REX not to know what capsule to choose for 'registered_through'
2257332 - Registration can't find any Capsules when their locations are not assigned to admin user
2257415 - Provisioning vm host fails with error "Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)".
2260525 - [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync
2262131 - Unable to sync library/busybox from gcr.io
Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated Satellite 6.14 packages that fixes Important security bugs and several\nregular bugs are now available for Red Hat Satellite.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity fix(es):\n* CVE-2023-26049 (puppetserver): Cookie parsing of quoted values can exfiltrate values from other cookies\n* CVE-2023-26141 (rubygem-sidekiq): Denial of Service (DoS) in dashboard-charts\n* CVE-2023-36479 (puppetserver): Improper addition of quotation marks to user inputs in CgiServlet\n* CVE-2023-38545 (puppet-agent): Heap-based buffer overflow in the SOCKS5 proxy handshake\n* CVE-2023-40167 (puppetserver): Improper validation of HTTP/1 content-length\n* CVE-2023-40175 (rubygem-puma): HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers\n* CVE-2023-4785 (rubygem-grpc): File descriptor exhaustion leads to denial of service\n* CVE-2023-0809, CVE-2023-28366, CVE-2023-3592 (mosquitto): Memory leak leads to unresponsive broker\n\nThis update fixes the following bugs:\n2250347 - \u0027Sun, 11 Jun 2023 17:51:29 GMT\u0027 could not be parsed at index 0 at java.time.format.DateTimeFormatter.parseResolved\n2254974 - satellite-convert2rhel-toolkit install fails on latest rpm with `/usr/bin/bash: /usr/libexec/satellite-convert2rhel-appliance/action-install.sh: No such file or directory`\n2255260 - 6.14 - satellite-convert2rhel-toolkit is part of the satellite module\n2257321 - Request for UEFI Kickstart Provisioning to handle naming convention for VLAN tagged interfaces of the format \u003cparent_device\u003e.\u003cvlan_id\u003e in addition to vlan\u003cvlan_id\u003e\n2257324 - Generate applicability tasks fails with error \"ERROR: insert or update on table \"katello_content_facet_errata\" violates foreign key constraint \"katello_content_facet_errata_ca_id\"\n2257326 - Show failed resources in failed installation report\n2257327 - Puppet reports without any messages don\u0027t get an origin\n2257329 - Host registration fails with error \"Attached to can\u0027t be blank\" when the VLAN name includes UPPERCASE letters\n2257330 - default tuning profile leaves httpd MaxClients 150 which httpd raises a warning\n2257331 - Registering host through load balancer causes REX not to know what capsule to choose for \u0027registered_through\u0027\n2257332 - Registration can\u0027t find any Capsules when their locations are not assigned to admin user\n2257415 - Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". \n2260525 - [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync \n2262131 - Unable to sync library/busybox from gcr.io \n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0797",
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index"
},
{
"category": "external",
"summary": "2232729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232729"
},
{
"category": "external",
"summary": "2236341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341"
},
{
"category": "external",
"summary": "2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "2239010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239010"
},
{
"category": "external",
"summary": "2239017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239017"
},
{
"category": "external",
"summary": "2239630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239630"
},
{
"category": "external",
"summary": "2239634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634"
},
{
"category": "external",
"summary": "2241933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241933"
},
{
"category": "external",
"summary": "2250347",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250347"
},
{
"category": "external",
"summary": "2254974",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254974"
},
{
"category": "external",
"summary": "2255260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255260"
},
{
"category": "external",
"summary": "2257321",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257321"
},
{
"category": "external",
"summary": "2257324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257324"
},
{
"category": "external",
"summary": "2257326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257326"
},
{
"category": "external",
"summary": "2257327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257327"
},
{
"category": "external",
"summary": "2257329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257329"
},
{
"category": "external",
"summary": "2257330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257330"
},
{
"category": "external",
"summary": "2257331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257331"
},
{
"category": "external",
"summary": "2257332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257332"
},
{
"category": "external",
"summary": "2257415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257415"
},
{
"category": "external",
"summary": "2260525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260525"
},
{
"category": "external",
"summary": "2262131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262131"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0797.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.14.2 Async Security Update",
"tracking": {
"current_release_date": "2024-11-15T21:00:20+00:00",
"generator": {
"date": "2024-11-15T21:00:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:0797",
"initial_release_date": "2024-02-13T14:45:57+00:00",
"revision_history": [
{
"date": "2024-02-13T14:45:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-13T14:45:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T21:00:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.14::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.14::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.14::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "rubygem-katello-0:4.9.0.21-1.el8sat.src",
"product": {
"name": "rubygem-katello-0:4.9.0.21-1.el8sat.src",
"product_id": "rubygem-katello-0:4.9.0.21-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-container-0:2.14.11-1.el8pc.src",
"product": {
"name": "python-pulp-container-0:2.14.11-1.el8pc.src",
"product_id": "python-pulp-container-0:2.14.11-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:4.3.11-1.el8sat.src",
"product": {
"name": "candlepin-0:4.3.11-1.el8sat.src",
"product_id": "candlepin-0:4.3.11-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.7.0.11-2.el8sat.src",
"product": {
"name": "foreman-0:3.7.0.11-2.el8sat.src",
"product_id": "foreman-0:3.7.0.11-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "mosquitto-0:2.0.17-1.el8sat.src",
"product": {
"name": "mosquitto-0:2.0.17-1.el8sat.src",
"product_id": "mosquitto-0:2.0.17-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-agent-0:7.27.0-1.el8sat.src",
"product": {
"name": "puppet-agent-0:7.27.0-1.el8sat.src",
"product_id": "puppet-agent-0:7.27.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppetserver-0:7.14.0-1.el8sat.src",
"product": {
"name": "puppetserver-0:7.14.0-1.el8sat.src",
"product_id": "puppetserver-0:7.14.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"product": {
"name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"product_id": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"product": {
"name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"product_id": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-grpc-0:1.58.0-1.el8sat.src",
"product": {
"name": "rubygem-grpc-0:1.58.0-1.el8sat.src",
"product_id": "rubygem-grpc-0:1.58.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-kafo-0:7.2.0-1.el8sat.src",
"product": {
"name": "rubygem-kafo-0:7.2.0-1.el8sat.src",
"product_id": "rubygem-kafo-0:7.2.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-0:6.3.1-1.el8sat.src",
"product": {
"name": "rubygem-puma-0:6.3.1-1.el8sat.src",
"product_id": "rubygem-puma-0:6.3.1-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"product": {
"name": "rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"product_id": "rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.14.2-1.el8sat.src",
"product": {
"name": "satellite-0:6.14.2-1.el8sat.src",
"product_id": "satellite-0:6.14.2-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"product": {
"name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"product_id": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.7.0.7-1.el8sat.src",
"product": {
"name": "foreman-installer-1:3.7.0.7-1.el8sat.src",
"product_id": "foreman-installer-1:3.7.0.7-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"product": {
"name": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"product_id": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"product": {
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"product_id": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:4.3.11-1.el8sat.noarch",
"product": {
"name": "candlepin-0:4.3.11-1.el8sat.noarch",
"product_id": "candlepin-0:4.3.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"product": {
"name": "candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"product_id": "candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin-selinux@4.3.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-service-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-service-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"product": {
"name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"product_id": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.7.0.11-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppetserver-0:7.14.0-1.el8sat.noarch",
"product": {
"name": "puppetserver-0:7.14.0-1.el8sat.noarch",
"product_id": "puppetserver-0:7.14.0-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"product_id": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"product": {
"name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"product_id": "rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"product": {
"name": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"product_id": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.14.2-1.el8sat.noarch",
"product": {
"name": "satellite-cli-0:6.14.2-1.el8sat.noarch",
"product_id": "satellite-cli-0:6.14.2-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.14.2-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.14.2-1.el8sat.noarch",
"product": {
"name": "satellite-capsule-0:6.14.2-1.el8sat.noarch",
"product_id": "satellite-capsule-0:6.14.2-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.14.2-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.14.2-1.el8sat.noarch",
"product": {
"name": "satellite-common-0:6.14.2-1.el8sat.noarch",
"product_id": "satellite-common-0:6.14.2-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.14.2-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.14.2-1.el8sat.noarch",
"product": {
"name": "satellite-0:6.14.2-1.el8sat.noarch",
"product_id": "satellite-0:6.14.2-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"product": {
"name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"product_id": "foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"product": {
"name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"product_id": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer-katello@3.7.0.7-1.el8sat?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"product": {
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"product_id": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"product": {
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"product_id": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"product": {
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"product_id": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "puppet-agent-0:7.27.0-1.el8sat.x86_64",
"product": {
"name": "puppet-agent-0:7.27.0-1.el8sat.x86_64",
"product_id": "puppet-agent-0:7.27.0-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"product": {
"name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"product_id": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"product": {
"name": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"product_id": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-google-protobuf-debugsource@3.24.3-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"product": {
"name": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"product_id": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-google-protobuf-debuginfo@3.24.3-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"product": {
"name": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"product_id": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"product": {
"name": "rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"product_id": "rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"product": {
"name": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"product_id": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma-debugsource@6.3.1-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"product": {
"name": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"product_id": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma-debuginfo@6.3.1-1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64",
"product": {
"name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64",
"product_id": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src"
},
"product_reference": "foreman-0:3.7.0.11-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src"
},
"product_reference": "puppet-agent-0:7.27.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64"
},
"product_reference": "puppet-agent-0:7.27.0-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch"
},
"product_reference": "puppetserver-0:7.14.0-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src"
},
"product_reference": "puppetserver-0:7.14.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src"
},
"product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch"
},
"product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch"
},
"product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src"
},
"product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src"
},
"product_reference": "satellite-0:6.14.2-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src"
},
"product_reference": "foreman-0:3.7.0.11-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src"
},
"product_reference": "satellite-0:6.14.2-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch"
},
"product_reference": "candlepin-0:4.3.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.3.11-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src"
},
"product_reference": "candlepin-0:4.3.11-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-selinux-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch"
},
"product_reference": "candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src"
},
"product_reference": "foreman-0:3.7.0.11-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
},
"product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src"
},
"product_reference": "puppet-agent-0:7.27.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64"
},
"product_reference": "puppet-agent-0:7.27.0-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch"
},
"product_reference": "puppetserver-0:7.14.0-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src"
},
"product_reference": "puppetserver-0:7.14.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src"
},
"product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch"
},
"product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src"
},
"product_reference": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src"
},
"product_reference": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64"
},
"product_reference": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64"
},
"product_reference": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64"
},
"product_reference": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-grpc-0:1.58.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src"
},
"product_reference": "rubygem-grpc-0:1.58.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64"
},
"product_reference": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch"
},
"product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src"
},
"product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch"
},
"product_reference": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.9.0.21-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src"
},
"product_reference": "rubygem-katello-0:4.9.0.21-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-0:6.3.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src"
},
"product_reference": "rubygem-puma-0:6.3.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64"
},
"product_reference": "rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64"
},
"product_reference": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64"
},
"product_reference": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch"
},
"product_reference": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sidekiq-0:6.5.12-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src"
},
"product_reference": "rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src"
},
"product_reference": "satellite-0:6.14.2-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.14.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src"
},
"product_reference": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
},
"product_reference": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-0809",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-09-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236882"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mosquitto: memory leak leads to unresponsive broker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0809"
},
{
"category": "external",
"summary": "RHBZ#2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0809"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809"
},
{
"category": "external",
"summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9",
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
}
],
"release_date": "2023-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-13T14:45:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mosquitto: memory leak leads to unresponsive broker"
},
{
"cve": "CVE-2023-3592",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-09-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236882"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mosquitto: memory leak leads to unresponsive broker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3592"
},
{
"category": "external",
"summary": "RHBZ#2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3592",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3592"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592"
},
{
"category": "external",
"summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9",
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
}
],
"release_date": "2023-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-13T14:45:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mosquitto: memory leak leads to unresponsive broker"
},
{
"cve": "CVE-2023-4785",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2023-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239017"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC. Lack of error handling in the TCP server in Google\u0027s gRPC, starting in version 1.23 on POSIX-compatible platforms (for example, Linux), allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++, Python, and Ruby are affected, but gRPC Java and Go are NOT affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gRPC: file descriptor exhaustion leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4785"
},
{
"category": "external",
"summary": "RHBZ#2239017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239017"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4785"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-p25m-jpj4-qcrr",
"url": "https://github.com/advisories/GHSA-p25m-jpj4-qcrr"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc/pull/33656",
"url": "https://github.com/grpc/grpc/pull/33656"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc/pull/33667",
"url": "https://github.com/grpc/grpc/pull/33667"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc/pull/33669",
"url": "https://github.com/grpc/grpc/pull/33669"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc/pull/33670",
"url": "https://github.com/grpc/grpc/pull/33670"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc/pull/33672",
"url": "https://github.com/grpc/grpc/pull/33672"
}
],
"release_date": "2023-09-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-13T14:45:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gRPC: file descriptor exhaustion leads to denial of service"
},
{
"cve": "CVE-2023-26049",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2023-08-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236341"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26049"
},
{
"category": "external",
"summary": "RHBZ#2236341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c"
}
],
"release_date": "2023-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-13T14:45:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies"
},
{
"cve": "CVE-2023-26141",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239010"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in Sidekiq. This flaw allows an attacker to manipulate the localStorage value in the dashboard-charts.js file and cause excessive polling requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sidekiq: DoS in dashboard-charts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26141"
},
{
"category": "external",
"summary": "RHBZ#2239010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239010"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26141"
},
{
"category": "external",
"summary": "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89",
"url": "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89"
}
],
"release_date": "2023-09-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-13T14:45:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "sidekiq: DoS in dashboard-charts"
},
{
"cve": "CVE-2023-28366",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2023-09-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236882"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mosquitto: memory leak leads to unresponsive broker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28366"
},
{
"category": "external",
"summary": "RHBZ#2236882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28366"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366"
},
{
"category": "external",
"summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9",
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
}
],
"release_date": "2023-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-13T14:45:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mosquitto: memory leak leads to unresponsive broker"
},
{
"cve": "CVE-2023-36479",
"cwe": {
"id": "CWE-149",
"name": "Improper Neutralization of Quoting Syntax"
},
"discovery_date": "2023-09-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239630"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty\u0027s CGI servlet which permits incorrect command execution in specific circumstances such as requests with certain characters in requested filenames. This issue could allow an attacker to run permitted commands other than the one requested.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: Improper addition of quotation marks to user inputs in CgiServlet",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-36479"
},
{
"category": "external",
"summary": "RHBZ#2239630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239630"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-36479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36479"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479"
}
],
"release_date": "2023-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-13T14:45:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jetty: Improper addition of quotation marks to user inputs in CgiServlet"
},
{
"acknowledgments": [
{
"names": [
"Jay Satiro"
]
}
],
"cve": "CVE-2023-38545",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-10-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2241933"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then Curl switches to the local name resolving and passes the resolved address only to the proxy. The local variable that instructs Curl to \"let the host resolve the name\" could obtain the wrong value during a slow SOCKS5 handshake, resulting in the too-long hostname being copied to the target buffer instead of the resolved address, which was not the intended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: heap based buffer overflow in the SOCKS5 proxy handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw does not affect the versions of curl as shipped with Red Hat Enterprise Linux 6, 7, and 8.\n\nAn overflow is only possible in applications that do not set `CURLOPT_BUFFERSIZE`, or set it smaller than approximately 65kB. Since the curl tool sets `CURLOPT_BUFFERSIZE` to 100kB by default, it is not vulnerable unless rate limiting was set by the user to a size smaller than 65kB.\n\nKnowledgebase article:\n\nhttps://access.redhat.com/solutions/7045099",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38545"
},
{
"category": "external",
"summary": "RHBZ#2241933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241933"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2023-38545.html",
"url": "https://curl.se/docs/CVE-2023-38545.html"
}
],
"release_date": "2023-10-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-13T14:45:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
},
{
"category": "workaround",
"details": "To avoid this issue, we recommend you do not use `CURLPROXY_SOCKS5_HOSTNAME` proxies with curl. Also do not set a proxy environment variable to socks5h://",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "curl: heap based buffer overflow in the SOCKS5 proxy handshake"
},
{
"cve": "CVE-2023-40167",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2023-09-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: Improper validation of HTTP/1 content-length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40167"
},
{
"category": "external",
"summary": "RHBZ#2239634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6"
}
],
"release_date": "2023-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-13T14:45:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty: Improper validation of HTTP/1 content-length"
},
{
"cve": "CVE-2023-40175",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2023-08-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232729"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP request smuggling attack vulnerability was found in Rubygem Puma. This flaw allows an attacker to gain unauthorized access to sensitive data due to an inconsistent interpretation of HTTP requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src",
"8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src",
"8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src",
"8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch",
"8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src",
"8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src",
"8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src",
"8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40175"
},
{
"category": "external",
"summary": "RHBZ#2232729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40175"
},
{
"category": "external",
"summary": "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8",
"url": "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8"
}
],
"release_date": "2023-08-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-13T14:45:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src",
"8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64",
"8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers"
}
]
}
ghsa-897v-899r-j3hg
Vulnerability from github
Published
2023-09-01 18:30
Modified
2024-01-07 12:30
Severity ?
Details
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.
{
"affected": [],
"aliases": [
"CVE-2023-28366"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-01T16:15:07Z",
"severity": "HIGH"
},
"details": "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.",
"id": "GHSA-897v-899r-j3hg",
"modified": "2024-01-07T12:30:29Z",
"published": "2023-09-01T18:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366"
},
{
"type": "WEB",
"url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9"
},
{
"type": "WEB",
"url": "https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X"
},
{
"type": "WEB",
"url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202401-09"
},
{
"type": "WEB",
"url": "https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5511"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.