Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-28366 (GCVE-0-2023-28366)
Vulnerability from cvelistv5
Published
2023-09-01 00:00
Modified
2024-08-02 12:38
Severity ?
EPSS score ?
Summary
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T12:38:25.296Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16", }, { tags: [ "x_transferred", ], url: "https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt", }, { tags: [ "x_transferred", ], url: "https://mosquitto.org/blog/2023/08/version-2-0-16-released/", }, { tags: [ "x_transferred", ], url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, { name: "FEDORA-2023-9adc4be8b0", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X/", }, { name: "DSA-5511", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5511", }, { name: "GLSA-202401-09", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202401-09", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-07T10:06:19.321332", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16", }, { url: "https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt", }, { url: "https://mosquitto.org/blog/2023/08/version-2-0-16-released/", }, { url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, { name: "FEDORA-2023-9adc4be8b0", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X/", }, { name: "DSA-5511", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5511", }, { name: "GLSA-202401-09", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202401-09", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-28366", datePublished: "2023-09-01T00:00:00", dateReserved: "2023-03-15T00:00:00", dateUpdated: "2024-08-02T12:38:25.296Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.3.2\", \"versionEndExcluding\": \"2.0.16\", \"matchCriteriaId\": \"489726DB-BC82-41A1-AB84-800B80E459A1\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.\"}, {\"lang\": \"es\", \"value\": \"El intermediario en Eclipse Mosquitto 1.3.2 hasta 2.x anterior a 2.0.16 tiene una p\\u00e9rdida de memoria de la que se puede abusar de forma remota cuando un cliente env\\u00eda muchos mensajes QoS 2 con ID de mensajes duplicados y no responde a los comandos PUBREC. Esto ocurre debido a un mal manejo de EAGAIN desde la funci\\u00f3n de env\\u00edo de libc.\"}]", id: "CVE-2023-28366", lastModified: "2024-11-21T07:54:55.887", metrics: "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}", published: "2023-09-01T16:15:07.790", references: "[{\"url\": \"https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://mosquitto.org/blog/2023/08/version-2-0-16-released/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-09\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5511\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://mosquitto.org/blog/2023/08/version-2-0-16-released/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-09\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5511\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]", sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-401\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2023-28366\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-09-01T16:15:07.790\",\"lastModified\":\"2024-11-21T07:54:55.887\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.\"},{\"lang\":\"es\",\"value\":\"El intermediario en Eclipse Mosquitto 1.3.2 hasta 2.x anterior a 2.0.16 tiene una pérdida de memoria de la que se puede abusar de forma remota cuando un cliente envía muchos mensajes QoS 2 con ID de mensajes duplicados y no responde a los comandos PUBREC. Esto ocurre debido a un mal manejo de EAGAIN desde la función de envío de libc.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-401\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.3.2\",\"versionEndExcluding\":\"2.0.16\",\"matchCriteriaId\":\"489726DB-BC82-41A1-AB84-800B80E459A1\"}]}]}],\"references\":[{\"url\":\"https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://mosquitto.org/blog/2023/08/version-2-0-16-released/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-09\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5511\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://mosquitto.org/blog/2023/08/version-2-0-16-released/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5511\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
WID-SEC-W-2023-2724
Vulnerability from csaf_certbund
Published
2023-10-22 22:00
Modified
2023-10-22 22:00
Summary
IBM Integration Bus: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Integration Bus ist eine "lightweight" ESB, welche die Integration von SOAP oder non-SOAP Datenquellen von verschiedenen Plattformen ermöglicht.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Integration Bus ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- Windows
- Sonstiges
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "IBM Integration Bus ist eine \"lightweight\" ESB, welche die Integration von SOAP oder non-SOAP Datenquellen von verschiedenen Plattformen ermöglicht.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Integration Bus ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Linux\n- Windows\n- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-2724 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2724.json", }, { category: "self", summary: "WID-SEC-2023-2724 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2724", }, { category: "external", summary: "IBM Security Bulletin: 7056518 vom 2023-10-22", url: "https://www.ibm.com/support/pages/node/7056518", }, { category: "external", summary: "IBM Security Bulletin: 7056456 vom 2023-10-22", url: "https://www.ibm.com/support/pages/node/7056456", }, ], source_lang: "en-US", title: "IBM Integration Bus: Mehrere Schwachstellen ermöglichen Denial of Service", tracking: { current_release_date: "2023-10-22T22:00:00.000+00:00", generator: { date: "2024-08-15T18:00:24.040+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-2724", initial_release_date: "2023-10-22T22:00:00.000+00:00", revision_history: [ { date: "2023-10-22T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "IBM Integration Bus 10.1 - 10.1.0.1", product: { name: "IBM Integration Bus 10.1 - 10.1.0.1", product_id: "T028402", product_identification_helper: { cpe: "cpe:/a:ibm:integration_bus:10.1_-_10.1.0.1", }, }, }, ], category: "vendor", name: "IBM", }, ], }, vulnerabilities: [ { cve: "CVE-2023-3635", notes: [ { category: "description", text: "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T028402", ], }, release_date: "2023-10-22T22:00:00.000+00:00", title: "CVE-2023-3635", }, { cve: "CVE-2023-3592", notes: [ { category: "description", text: "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T028402", ], }, release_date: "2023-10-22T22:00:00.000+00:00", title: "CVE-2023-3592", }, { cve: "CVE-2023-28366", notes: [ { category: "description", text: "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T028402", ], }, release_date: "2023-10-22T22:00:00.000+00:00", title: "CVE-2023-28366", }, { cve: "CVE-2023-0809", notes: [ { category: "description", text: "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T028402", ], }, release_date: "2023-10-22T22:00:00.000+00:00", title: "CVE-2023-0809", }, ], }
wid-sec-w-2023-2724
Vulnerability from csaf_certbund
Published
2023-10-22 22:00
Modified
2023-10-22 22:00
Summary
IBM Integration Bus: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Integration Bus ist eine "lightweight" ESB, welche die Integration von SOAP oder non-SOAP Datenquellen von verschiedenen Plattformen ermöglicht.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Integration Bus ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- Windows
- Sonstiges
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "IBM Integration Bus ist eine \"lightweight\" ESB, welche die Integration von SOAP oder non-SOAP Datenquellen von verschiedenen Plattformen ermöglicht.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Integration Bus ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Linux\n- Windows\n- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-2724 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2724.json", }, { category: "self", summary: "WID-SEC-2023-2724 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2724", }, { category: "external", summary: "IBM Security Bulletin: 7056518 vom 2023-10-22", url: "https://www.ibm.com/support/pages/node/7056518", }, { category: "external", summary: "IBM Security Bulletin: 7056456 vom 2023-10-22", url: "https://www.ibm.com/support/pages/node/7056456", }, ], source_lang: "en-US", title: "IBM Integration Bus: Mehrere Schwachstellen ermöglichen Denial of Service", tracking: { current_release_date: "2023-10-22T22:00:00.000+00:00", generator: { date: "2024-08-15T18:00:24.040+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-2724", initial_release_date: "2023-10-22T22:00:00.000+00:00", revision_history: [ { date: "2023-10-22T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "IBM Integration Bus 10.1 - 10.1.0.1", product: { name: "IBM Integration Bus 10.1 - 10.1.0.1", product_id: "T028402", product_identification_helper: { cpe: "cpe:/a:ibm:integration_bus:10.1_-_10.1.0.1", }, }, }, ], category: "vendor", name: "IBM", }, ], }, vulnerabilities: [ { cve: "CVE-2023-3635", notes: [ { category: "description", text: "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T028402", ], }, release_date: "2023-10-22T22:00:00.000+00:00", title: "CVE-2023-3635", }, { cve: "CVE-2023-3592", notes: [ { category: "description", text: "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T028402", ], }, release_date: "2023-10-22T22:00:00.000+00:00", title: "CVE-2023-3592", }, { cve: "CVE-2023-28366", notes: [ { category: "description", text: "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T028402", ], }, release_date: "2023-10-22T22:00:00.000+00:00", title: "CVE-2023-28366", }, { cve: "CVE-2023-0809", notes: [ { category: "description", text: "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T028402", ], }, release_date: "2023-10-22T22:00:00.000+00:00", title: "CVE-2023-0809", }, ], }
rhsa-2024_1061
Vulnerability from csaf_redhat
Published
2024-02-29 20:37
Modified
2024-11-24 12:31
Summary
Red Hat Security Advisory: Red Hat Satellite 6 security and bug fix update
Notes
Topic
An update is now available for Red Hat Satellite 6.13 for RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Satellite is a system management solution that allows organizations to
configure and maintain their systems without the necessity to provide public
Internet access to their servers or other client systems. It performs
provisioning and configuration management of predefined standard operating
environments.
Security Fix(es):
* satellite: Blind SSRF via Referer header (CVE-2022-4130)
* mosquitto: memory leak leads to unresponsive broker (CVE-2023-0809, CVE-2023-28366, CVE-2023-3592)
* foreman: World readable file containing secrets (CVE-2023-4886)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Long running postgres threads during content-export (BZ#2257299)
* After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync (BZ#2257300)
* Actions::ForemanLeapp::PreupgradeJob fails with null value in column "preupgrade_report_id" violates not-null constraint when run with non-admin user (BZ#2257302)
* Puppet reports without any messages don't get an origin (BZ#2257314)
* Provisioning vm host fails with error "Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)". (BZ#2257316)
* [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync (BZ#2260526)
* Support Satellite Clone running on Python 3.12 (BZ#2264354)
* Support Satellite Ansible Collection running on Python 3.12 (BZ#2264918)
* Unable to sync library/busybox from gcr.io (BZ#2265149)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat Satellite 6.13 for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Satellite is a system management solution that allows organizations to\nconfigure and maintain their systems without the necessity to provide public\nInternet access to their servers or other client systems. It performs\nprovisioning and configuration management of predefined standard operating\nenvironments.\n\nSecurity Fix(es):\n\n* satellite: Blind SSRF via Referer header (CVE-2022-4130)\n\n* mosquitto: memory leak leads to unresponsive broker (CVE-2023-0809, CVE-2023-28366, CVE-2023-3592)\n\n* foreman: World readable file containing secrets (CVE-2023-4886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Long running postgres threads during content-export (BZ#2257299)\n\n* After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync (BZ#2257300)\n\n* Actions::ForemanLeapp::PreupgradeJob fails with null value in column \"preupgrade_report_id\" violates not-null constraint when run with non-admin user (BZ#2257302)\n\n* Puppet reports without any messages don't get an origin (BZ#2257314)\n\n* Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". (BZ#2257316)\n\n* [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync (BZ#2260526)\n\n* Support Satellite Clone running on Python 3.12 (BZ#2264354)\n\n* Support Satellite Ansible Collection running on Python 3.12 (BZ#2264918)\n\n* Unable to sync library/busybox from gcr.io (BZ#2265149)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:1061", url: "https://access.redhat.com/errata/RHSA-2024:1061", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index", url: "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003", }, { category: "external", summary: "2145254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2145254", }, { category: "external", summary: "2230135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2230135", }, { category: "external", summary: "2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "2257299", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257299", }, { category: "external", summary: "2257300", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257300", }, { category: "external", summary: "2257302", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257302", }, { category: "external", summary: "2257314", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257314", }, { category: "external", summary: "2257316", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257316", }, { category: "external", summary: "2260526", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2260526", }, { category: "external", summary: "2264354", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2264354", }, { category: "external", summary: "2264918", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2264918", }, { category: "external", summary: "2265149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265149", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1061.json", }, ], title: "Red Hat Security Advisory: Red Hat Satellite 6 security and bug fix update", tracking: { current_release_date: "2024-11-24T12:31:15+00:00", generator: { date: "2024-11-24T12:31:15+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2024:1061", initial_release_date: "2024-02-29T20:37:45+00:00", revision_history: [ { date: "2024-02-29T20:37:45+00:00", number: "1", summary: "Initial version", }, { date: "2024-02-29T20:37:45+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-24T12:31:15+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Satellite 6.13 for RHEL 8", product: { name: "Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13", product_identification_helper: { cpe: "cpe:/a:redhat:satellite:6.13::el8", }, }, }, { category: "product_name", name: "Red Hat Satellite 6.13 for RHEL 8", product: { name: "Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule", product_identification_helper: { cpe: "cpe:/a:redhat:satellite_capsule:6.13::el8", }, }, }, { category: "product_name", name: "Red Hat Satellite 6.13 for RHEL 8", product: { name: "Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils", product_identification_helper: { cpe: "cpe:/a:redhat:satellite_utils:6.13::el8", }, }, }, { category: "product_name", name: "Red Hat Satellite 6.13 for RHEL 8", product: { name: "Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-maintenance", product_identification_helper: { cpe: "cpe:/a:redhat:satellite_maintenance:6.13::el8", }, }, }, ], category: "product_family", name: "Red Hat Satellite 6", }, { branches: [ { category: "product_version", name: "createrepo_c-0:1.0.2-2.el8pc.src", product: { name: "createrepo_c-0:1.0.2-2.el8pc.src", product_id: "createrepo_c-0:1.0.2-2.el8pc.src", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=src", }, }, }, { category: "product_version", name: "foreman-0:3.5.1.24-1.el8sat.src", product: { name: "foreman-0:3.5.1.24-1.el8sat.src", product_id: "foreman-0:3.5.1.24-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "foreman-installer-1:3.5.2.7-1.el8sat.src", product: { name: "foreman-installer-1:3.5.2.7-1.el8sat.src", product_id: "foreman-installer-1:3.5.2.7-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=src&epoch=1", }, }, }, { category: "product_version", name: "mosquitto-0:2.0.17-1.el8sat.src", product: { name: "mosquitto-0:2.0.17-1.el8sat.src", product_id: "mosquitto-0:2.0.17-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "python-pulp-rpm-0:3.18.19-2.el8pc.src", product: { name: "python-pulp-rpm-0:3.18.19-2.el8pc.src", product_id: "python-pulp-rpm-0:3.18.19-2.el8pc.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-pulp-rpm@3.18.19-2.el8pc?arch=src", }, }, }, { category: "product_version", name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", product: { name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", product_id: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", product: { name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", product_id: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-katello-0:4.7.0.36-1.el8sat.src", product: { name: "rubygem-katello-0:4.7.0.36-1.el8sat.src", product_id: "rubygem-katello-0:4.7.0.36-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "satellite-0:6.13.7-1.el8sat.src", product: { name: "satellite-0:6.13.7-1.el8sat.src", product_id: "satellite-0:6.13.7-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", product: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", product_id: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=src", }, }, }, { category: "product_version", name: "python-pulp-container-0:2.14.11-1.el8pc.src", product: { name: "python-pulp-container-0:2.14.11-1.el8pc.src", product_id: "python-pulp-container-0:2.14.11-1.el8pc.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src", }, }, }, { category: "product_version", name: "satellite-clone-0:3.5.0-1.el8sat.src", product: { name: "satellite-clone-0:3.5.0-1.el8sat.src", product_id: "satellite-clone-0:3.5.0-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "createrepo_c-0:1.0.2-2.el8pc.x86_64", product: { name: "createrepo_c-0:1.0.2-2.el8pc.x86_64", product_id: "createrepo_c-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", product: { name: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", product_id: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c-libs@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", product: { name: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", product_id: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-createrepo_c@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", product: { name: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", product_id: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python39-createrepo_c@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", product: { name: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", product_id: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c-debugsource@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product: { name: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_id: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", product: { name: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", product_id: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c-libs-debuginfo@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product: { name: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_id: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product: { name: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_id: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python39-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "mosquitto-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-debug@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-cli@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-ec2@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-journald@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-libvirt@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-openstack@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-ovirt@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-postgresql@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-service-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-service-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-service-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-service@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-telemetry@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-vmware@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-installer-1:3.5.2.7-1.el8sat.noarch", product: { name: "foreman-installer-1:3.5.2.7-1.el8sat.noarch", product_id: "foreman-installer-1:3.5.2.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", product: { name: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", product_id: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer-katello@3.5.2.7-1.el8sat?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", product: { name: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", product_id: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python39-pulp-rpm@3.18.19-2.el8pc?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", product: { name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", product_id: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", product: { name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", product_id: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", product: { name: "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", product_id: "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-capsule-0:6.13.7-1.el8sat.noarch", product: { name: "satellite-capsule-0:6.13.7-1.el8sat.noarch", product_id: "satellite-capsule-0:6.13.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-capsule@6.13.7-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-common-0:6.13.7-1.el8sat.noarch", product: { name: "satellite-common-0:6.13.7-1.el8sat.noarch", product_id: "satellite-common-0:6.13.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-common@6.13.7-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-0:6.13.7-1.el8sat.noarch", product: { name: "satellite-0:6.13.7-1.el8sat.noarch", product_id: "satellite-0:6.13.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-cli-0:6.13.7-1.el8sat.noarch", product: { name: "satellite-cli-0:6.13.7-1.el8sat.noarch", product_id: "satellite-cli-0:6.13.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-cli@6.13.7-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", product: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", product_id: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product_id: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch", }, }, }, { category: "product_version", name: "satellite-clone-0:3.5.0-1.el8sat.noarch", product: { name: "satellite-clone-0:3.5.0-1.el8sat.noarch", product_id: "satellite-clone-0:3.5.0-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", }, product_reference: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", }, product_reference: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", }, product_reference: "createrepo_c-0:1.0.2-2.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", }, product_reference: "foreman-installer-1:3.5.2.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", }, product_reference: "foreman-installer-1:3.5.2.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", }, product_reference: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-service-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", }, product_reference: "python-pulp-container-0:2.14.11-1.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", }, product_reference: "python-pulp-rpm-0:3.18.19-2.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", }, product_reference: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", }, product_reference: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", }, product_reference: "satellite-0:6.13.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-clone-0:3.5.0-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", }, product_reference: "satellite-clone-0:3.5.0-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-maintenance", }, { category: "default_component_of", full_product_name: { name: "satellite-clone-0:3.5.0-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", }, product_reference: "satellite-clone-0:3.5.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-maintenance", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-service-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", }, product_reference: "satellite-0:6.13.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", }, product_reference: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", }, product_reference: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", }, product_reference: "createrepo_c-0:1.0.2-2.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", }, product_reference: "foreman-installer-1:3.5.2.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", }, product_reference: "foreman-installer-1:3.5.2.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", }, product_reference: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-service-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", }, product_reference: "python-pulp-container-0:2.14.11-1.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", }, product_reference: "python-pulp-rpm-0:3.18.19-2.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", }, product_reference: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", }, product_reference: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", }, product_reference: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", }, product_reference: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", }, product_reference: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", }, product_reference: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-katello-0:4.7.0.36-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", }, product_reference: "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-katello-0:4.7.0.36-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", }, product_reference: "rubygem-katello-0:4.7.0.36-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", }, product_reference: "satellite-0:6.13.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Fernando Velazquez", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2022-4130", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2022-11-23T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2145254", }, ], notes: [ { category: "description", text: "A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.", title: "Vulnerability description", }, { category: "summary", text: "satellite: Blind SSRF via Referer header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", ], known_not_affected: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-4130", }, { category: "external", summary: "RHBZ#2145254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2145254", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-4130", url: "https://www.cve.org/CVERecord?id=CVE-2022-4130", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-4130", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-4130", }, ], release_date: "2023-01-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-29T20:37:45+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", product_ids: [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:1061", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "satellite: Blind SSRF via Referer header", }, { cve: "CVE-2023-0809", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-0809", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-0809", url: "https://www.cve.org/CVERecord?id=CVE-2023-0809", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-29T20:37:45+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", product_ids: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:1061", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, { cve: "CVE-2023-3592", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3592", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3592", url: "https://www.cve.org/CVERecord?id=CVE-2023-3592", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-29T20:37:45+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", product_ids: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:1061", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, { cve: "CVE-2023-4886", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-08-08T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2230135", }, ], notes: [ { category: "description", text: "A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable.", title: "Vulnerability description", }, { category: "summary", text: "foreman: World readable file containing secrets", title: "Vulnerability summary", }, { category: "other", text: "This flaw has a limited impact on security, as candlepin's individual stores' privileges are limited to root and tomcat only. Therefore, the impact is limited to highly privileged users.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", ], known_not_affected: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4886", }, { category: "external", summary: "RHBZ#2230135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2230135", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4886", url: "https://www.cve.org/CVERecord?id=CVE-2023-4886", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4886", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4886", }, ], release_date: "2023-10-03T14:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-29T20:37:45+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", product_ids: [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:1061", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "foreman: World readable file containing secrets", }, { cve: "CVE-2023-28366", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-28366", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-28366", url: "https://www.cve.org/CVERecord?id=CVE-2023-28366", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-29T20:37:45+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", product_ids: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:1061", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, ], }
rhsa-2024_0797
Vulnerability from csaf_redhat
Published
2024-02-13 14:45
Modified
2024-12-10 16:44
Summary
Red Hat Security Advisory: Satellite 6.14.2 Async Security Update
Notes
Topic
Updated Satellite 6.14 packages that fixes Important security bugs and several
regular bugs are now available for Red Hat Satellite.
Details
Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security fix(es):
* CVE-2023-26049 (puppetserver): Cookie parsing of quoted values can exfiltrate values from other cookies
* CVE-2023-26141 (rubygem-sidekiq): Denial of Service (DoS) in dashboard-charts
* CVE-2023-36479 (puppetserver): Improper addition of quotation marks to user inputs in CgiServlet
* CVE-2023-38545 (puppet-agent): Heap-based buffer overflow in the SOCKS5 proxy handshake
* CVE-2023-40167 (puppetserver): Improper validation of HTTP/1 content-length
* CVE-2023-40175 (rubygem-puma): HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers
* CVE-2023-4785 (rubygem-grpc): File descriptor exhaustion leads to denial of service
* CVE-2023-0809, CVE-2023-28366, CVE-2023-3592 (mosquitto): Memory leak leads to unresponsive broker
This update fixes the following bugs:
2250347 - 'Sun, 11 Jun 2023 17:51:29 GMT' could not be parsed at index 0 at java.time.format.DateTimeFormatter.parseResolved
2254974 - satellite-convert2rhel-toolkit install fails on latest rpm with `/usr/bin/bash: /usr/libexec/satellite-convert2rhel-appliance/action-install.sh: No such file or directory`
2255260 - 6.14 - satellite-convert2rhel-toolkit is part of the satellite module
2257321 - Request for UEFI Kickstart Provisioning to handle naming convention for VLAN tagged interfaces of the format <parent_device>.<vlan_id> in addition to vlan<vlan_id>
2257324 - Generate applicability tasks fails with error "ERROR: insert or update on table "katello_content_facet_errata" violates foreign key constraint "katello_content_facet_errata_ca_id"
2257326 - Show failed resources in failed installation report
2257327 - Puppet reports without any messages don't get an origin
2257329 - Host registration fails with error "Attached to can't be blank" when the VLAN name includes UPPERCASE letters
2257330 - default tuning profile leaves httpd MaxClients 150 which httpd raises a warning
2257331 - Registering host through load balancer causes REX not to know what capsule to choose for 'registered_through'
2257332 - Registration can't find any Capsules when their locations are not assigned to admin user
2257415 - Provisioning vm host fails with error "Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)".
2260525 - [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync
2262131 - Unable to sync library/busybox from gcr.io
Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated Satellite 6.14 packages that fixes Important security bugs and several\nregular bugs are now available for Red Hat Satellite.", title: "Topic", }, { category: "general", text: "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity fix(es):\n* CVE-2023-26049 (puppetserver): Cookie parsing of quoted values can exfiltrate values from other cookies\n* CVE-2023-26141 (rubygem-sidekiq): Denial of Service (DoS) in dashboard-charts\n* CVE-2023-36479 (puppetserver): Improper addition of quotation marks to user inputs in CgiServlet\n* CVE-2023-38545 (puppet-agent): Heap-based buffer overflow in the SOCKS5 proxy handshake\n* CVE-2023-40167 (puppetserver): Improper validation of HTTP/1 content-length\n* CVE-2023-40175 (rubygem-puma): HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers\n* CVE-2023-4785 (rubygem-grpc): File descriptor exhaustion leads to denial of service\n* CVE-2023-0809, CVE-2023-28366, CVE-2023-3592 (mosquitto): Memory leak leads to unresponsive broker\n\nThis update fixes the following bugs:\n2250347 - 'Sun, 11 Jun 2023 17:51:29 GMT' could not be parsed at index 0 at java.time.format.DateTimeFormatter.parseResolved\n2254974 - satellite-convert2rhel-toolkit install fails on latest rpm with `/usr/bin/bash: /usr/libexec/satellite-convert2rhel-appliance/action-install.sh: No such file or directory`\n2255260 - 6.14 - satellite-convert2rhel-toolkit is part of the satellite module\n2257321 - Request for UEFI Kickstart Provisioning to handle naming convention for VLAN tagged interfaces of the format <parent_device>.<vlan_id> in addition to vlan<vlan_id>\n2257324 - Generate applicability tasks fails with error \"ERROR: insert or update on table \"katello_content_facet_errata\" violates foreign key constraint \"katello_content_facet_errata_ca_id\"\n2257326 - Show failed resources in failed installation report\n2257327 - Puppet reports without any messages don't get an origin\n2257329 - Host registration fails with error \"Attached to can't be blank\" when the VLAN name includes UPPERCASE letters\n2257330 - default tuning profile leaves httpd MaxClients 150 which httpd raises a warning\n2257331 - Registering host through load balancer causes REX not to know what capsule to choose for 'registered_through'\n2257332 - Registration can't find any Capsules when their locations are not assigned to admin user\n2257415 - Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". \n2260525 - [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync \n2262131 - Unable to sync library/busybox from gcr.io \n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:0797", url: "https://access.redhat.com/errata/RHSA-2024:0797", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index", url: "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index", }, { category: "external", summary: "2232729", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2232729", }, { category: "external", summary: "2236341", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236341", }, { category: "external", summary: "2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "2239010", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239010", }, { category: "external", summary: "2239017", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239017", }, { category: "external", summary: "2239630", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239630", }, { category: "external", summary: "2239634", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239634", }, { category: "external", summary: "2241933", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241933", }, { category: "external", summary: "2250347", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2250347", }, { category: "external", summary: "2254974", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2254974", }, { category: "external", summary: "2255260", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2255260", }, { category: "external", summary: "2257321", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257321", }, { category: "external", summary: "2257324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257324", }, { category: "external", summary: "2257326", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257326", }, { category: "external", summary: "2257327", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257327", }, { category: "external", summary: "2257329", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257329", }, { category: "external", summary: "2257330", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257330", }, { category: "external", summary: "2257331", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257331", }, { category: "external", summary: "2257332", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257332", }, { category: "external", summary: "2257415", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257415", }, { category: "external", summary: "2260525", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2260525", }, { category: "external", summary: "2262131", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262131", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0797.json", }, ], title: "Red Hat Security Advisory: Satellite 6.14.2 Async Security Update", tracking: { current_release_date: "2024-12-10T16:44:47+00:00", generator: { date: "2024-12-10T16:44:47+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:0797", initial_release_date: "2024-02-13T14:45:57+00:00", revision_history: [ { date: "2024-02-13T14:45:57+00:00", number: "1", summary: "Initial version", }, { date: "2024-02-13T14:45:57+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-10T16:44:47+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Satellite 6.14 for RHEL 8", product: { name: "Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14", product_identification_helper: { cpe: "cpe:/a:redhat:satellite:6.14::el8", }, }, }, { category: "product_name", name: "Red Hat Satellite 6.14 for RHEL 8", product: { name: "Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule", product_identification_helper: { cpe: "cpe:/a:redhat:satellite_capsule:6.14::el8", }, }, }, { category: "product_name", name: "Red Hat Satellite 6.14 for RHEL 8", product: { name: "Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils", product_identification_helper: { cpe: "cpe:/a:redhat:satellite_utils:6.14::el8", }, }, }, ], category: "product_family", name: "Red Hat Satellite 6", }, { branches: [ { category: "product_version", name: "rubygem-katello-0:4.9.0.21-1.el8sat.src", product: { name: "rubygem-katello-0:4.9.0.21-1.el8sat.src", product_id: "rubygem-katello-0:4.9.0.21-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "python-pulp-container-0:2.14.11-1.el8pc.src", product: { name: "python-pulp-container-0:2.14.11-1.el8pc.src", product_id: "python-pulp-container-0:2.14.11-1.el8pc.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src", }, }, }, { category: "product_version", name: "candlepin-0:4.3.11-1.el8sat.src", product: { name: "candlepin-0:4.3.11-1.el8sat.src", product_id: "candlepin-0:4.3.11-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "foreman-0:3.7.0.11-2.el8sat.src", product: { name: "foreman-0:3.7.0.11-2.el8sat.src", product_id: "foreman-0:3.7.0.11-2.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=src", }, }, }, { category: "product_version", name: "mosquitto-0:2.0.17-1.el8sat.src", product: { name: "mosquitto-0:2.0.17-1.el8sat.src", product_id: "mosquitto-0:2.0.17-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "puppet-agent-0:7.27.0-1.el8sat.src", product: { name: "puppet-agent-0:7.27.0-1.el8sat.src", product_id: "puppet-agent-0:7.27.0-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "puppetserver-0:7.14.0-1.el8sat.src", product: { name: "puppetserver-0:7.14.0-1.el8sat.src", product_id: "puppetserver-0:7.14.0-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", product: { name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", product_id: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", product: { name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", product_id: "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-grpc-0:1.58.0-1.el8sat.src", product: { name: "rubygem-grpc-0:1.58.0-1.el8sat.src", product_id: "rubygem-grpc-0:1.58.0-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-kafo-0:7.2.0-1.el8sat.src", product: { name: "rubygem-kafo-0:7.2.0-1.el8sat.src", product_id: "rubygem-kafo-0:7.2.0-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-puma-0:6.3.1-1.el8sat.src", product: { name: "rubygem-puma-0:6.3.1-1.el8sat.src", product_id: "rubygem-puma-0:6.3.1-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-sidekiq-0:6.5.12-1.el8sat.src", product: { name: "rubygem-sidekiq-0:6.5.12-1.el8sat.src", product_id: "rubygem-sidekiq-0:6.5.12-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "satellite-0:6.14.2-1.el8sat.src", product: { name: "satellite-0:6.14.2-1.el8sat.src", product_id: "satellite-0:6.14.2-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", product: { name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", product_id: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "foreman-installer-1:3.7.0.7-1.el8sat.src", product: { name: "foreman-installer-1:3.7.0.7-1.el8sat.src", product_id: "foreman-installer-1:3.7.0.7-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", product: { name: "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", product_id: "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product_id: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch", }, }, }, { category: "product_version", name: "candlepin-0:4.3.11-1.el8sat.noarch", product: { name: "candlepin-0:4.3.11-1.el8sat.noarch", product_id: "candlepin-0:4.3.11-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "candlepin-selinux-0:4.3.11-1.el8sat.noarch", product: { name: "candlepin-selinux-0:4.3.11-1.el8sat.noarch", product_id: "candlepin-selinux-0:4.3.11-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/candlepin-selinux@4.3.11-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-cli@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-debug@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-ec2@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-journald@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-libvirt@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-openstack@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-ovirt@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-postgresql@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-redis@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-service-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-service-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-service-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-service@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-telemetry@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-vmware@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "puppetserver-0:7.14.0-1.el8sat.noarch", product: { name: "puppetserver-0:7.14.0-1.el8sat.noarch", product_id: "puppetserver-0:7.14.0-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", product: { name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", product_id: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-kafo-0:7.2.0-1.el8sat.noarch", product: { name: "rubygem-kafo-0:7.2.0-1.el8sat.noarch", product_id: "rubygem-kafo-0:7.2.0-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", product: { name: "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", product_id: "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-cli-0:6.14.2-1.el8sat.noarch", product: { name: "satellite-cli-0:6.14.2-1.el8sat.noarch", product_id: "satellite-cli-0:6.14.2-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-cli@6.14.2-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-capsule-0:6.14.2-1.el8sat.noarch", product: { name: "satellite-capsule-0:6.14.2-1.el8sat.noarch", product_id: "satellite-capsule-0:6.14.2-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-capsule@6.14.2-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-common-0:6.14.2-1.el8sat.noarch", product: { name: "satellite-common-0:6.14.2-1.el8sat.noarch", product_id: "satellite-common-0:6.14.2-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-common@6.14.2-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-0:6.14.2-1.el8sat.noarch", product: { name: "satellite-0:6.14.2-1.el8sat.noarch", product_id: "satellite-0:6.14.2-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-installer-1:3.7.0.7-1.el8sat.noarch", product: { name: "foreman-installer-1:3.7.0.7-1.el8sat.noarch", product_id: "foreman-installer-1:3.7.0.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", product: { name: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", product_id: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer-katello@3.7.0.7-1.el8sat?arch=noarch&epoch=1", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "mosquitto-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "puppet-agent-0:7.27.0-1.el8sat.x86_64", product: { name: "puppet-agent-0:7.27.0-1.el8sat.x86_64", product_id: "puppet-agent-0:7.27.0-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", product: { name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", product_id: "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", product: { name: "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", product_id: "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-google-protobuf-debugsource@3.24.3-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", product: { name: "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", product_id: "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-google-protobuf-debuginfo@3.24.3-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", product: { name: "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", product_id: "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-puma-0:6.3.1-1.el8sat.x86_64", product: { name: "rubygem-puma-0:6.3.1-1.el8sat.x86_64", product_id: "rubygem-puma-0:6.3.1-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", product: { name: "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", product_id: "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-puma-debugsource@6.3.1-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", product: { name: "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", product_id: "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-puma-debuginfo@6.3.1-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", product: { name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", product_id: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", }, product_reference: "foreman-installer-1:3.7.0.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", }, product_reference: "foreman-installer-1:3.7.0.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", }, product_reference: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-service-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", }, product_reference: "puppet-agent-0:7.27.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", }, product_reference: "puppet-agent-0:7.27.0-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", }, product_reference: "puppetserver-0:7.14.0-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", }, product_reference: "puppetserver-0:7.14.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", }, product_reference: "python-pulp-container-0:2.14.11-1.el8pc.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", }, product_reference: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", }, product_reference: "rubygem-kafo-0:7.2.0-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", }, product_reference: "rubygem-kafo-0:7.2.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", }, product_reference: "satellite-0:6.14.2-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-service-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", }, product_reference: "satellite-0:6.14.2-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "candlepin-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", }, product_reference: "candlepin-0:4.3.11-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "candlepin-0:4.3.11-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", }, product_reference: "candlepin-0:4.3.11-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "candlepin-selinux-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", }, product_reference: "candlepin-selinux-0:4.3.11-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", }, product_reference: "foreman-installer-1:3.7.0.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", }, product_reference: "foreman-installer-1:3.7.0.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", }, product_reference: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-service-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", }, product_reference: "puppet-agent-0:7.27.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", }, product_reference: "puppet-agent-0:7.27.0-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", }, product_reference: "puppetserver-0:7.14.0-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", }, product_reference: "puppetserver-0:7.14.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", }, product_reference: "python-pulp-container-0:2.14.11-1.el8pc.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", }, product_reference: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", }, product_reference: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", }, product_reference: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", }, product_reference: "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", }, product_reference: "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", }, product_reference: "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", }, product_reference: "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-grpc-0:1.58.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", }, product_reference: "rubygem-grpc-0:1.58.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-grpc-0:1.58.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", }, product_reference: "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", }, product_reference: "rubygem-kafo-0:7.2.0-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", }, product_reference: "rubygem-kafo-0:7.2.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-katello-0:4.9.0.21-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", }, product_reference: "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-katello-0:4.9.0.21-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", }, product_reference: "rubygem-katello-0:4.9.0.21-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-puma-0:6.3.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", }, product_reference: "rubygem-puma-0:6.3.1-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-puma-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", }, product_reference: "rubygem-puma-0:6.3.1-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", }, product_reference: "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", }, product_reference: "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", }, product_reference: "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-sidekiq-0:6.5.12-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", }, product_reference: "rubygem-sidekiq-0:6.5.12-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", }, product_reference: "satellite-0:6.14.2-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", }, product_reference: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", }, product_reference: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, ], }, vulnerabilities: [ { cve: "CVE-2023-0809", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-0809", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-0809", url: "https://www.cve.org/CVERecord?id=CVE-2023-0809", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, { cve: "CVE-2023-3592", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3592", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3592", url: "https://www.cve.org/CVERecord?id=CVE-2023-3592", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, { cve: "CVE-2023-4785", cwe: { id: "CWE-248", name: "Uncaught Exception", }, discovery_date: "2023-09-14T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2239017", }, ], notes: [ { category: "description", text: "A flaw was found in gRPC. Lack of error handling in the TCP server in Google's gRPC, starting in version 1.23 on POSIX-compatible platforms (for example, Linux), allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++, Python, and Ruby are affected, but gRPC Java and Go are NOT affected.", title: "Vulnerability description", }, { category: "summary", text: "gRPC: file descriptor exhaustion leads to denial of service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4785", }, { category: "external", summary: "RHBZ#2239017", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239017", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4785", url: "https://www.cve.org/CVERecord?id=CVE-2023-4785", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4785", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4785", }, { category: "external", summary: "https://github.com/advisories/GHSA-p25m-jpj4-qcrr", url: "https://github.com/advisories/GHSA-p25m-jpj4-qcrr", }, { category: "external", summary: "https://github.com/grpc/grpc/pull/33656", url: "https://github.com/grpc/grpc/pull/33656", }, { category: "external", summary: "https://github.com/grpc/grpc/pull/33667", url: "https://github.com/grpc/grpc/pull/33667", }, { category: "external", summary: "https://github.com/grpc/grpc/pull/33669", url: "https://github.com/grpc/grpc/pull/33669", }, { category: "external", summary: "https://github.com/grpc/grpc/pull/33670", url: "https://github.com/grpc/grpc/pull/33670", }, { category: "external", summary: "https://github.com/grpc/grpc/pull/33672", url: "https://github.com/grpc/grpc/pull/33672", }, ], release_date: "2023-09-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "gRPC: file descriptor exhaustion leads to denial of service", }, { cve: "CVE-2023-26049", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, discovery_date: "2023-08-30T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236341", }, ], notes: [ { category: "description", text: "A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.", title: "Vulnerability description", }, { category: "summary", text: "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26049", }, { category: "external", summary: "RHBZ#2236341", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236341", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26049", url: "https://www.cve.org/CVERecord?id=CVE-2023-26049", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26049", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26049", }, { category: "external", summary: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c", url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c", }, ], release_date: "2023-04-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies", }, { cve: "CVE-2023-26141", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-09-14T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2239010", }, ], notes: [ { category: "description", text: "A denial of service vulnerability was found in Sidekiq. This flaw allows an attacker to manipulate the localStorage value in the dashboard-charts.js file and cause excessive polling requests.", title: "Vulnerability description", }, { category: "summary", text: "sidekiq: DoS in dashboard-charts", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26141", }, { category: "external", summary: "RHBZ#2239010", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239010", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26141", url: "https://www.cve.org/CVERecord?id=CVE-2023-26141", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26141", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26141", }, { category: "external", summary: "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89", url: "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89", }, ], release_date: "2023-09-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "sidekiq: DoS in dashboard-charts", }, { cve: "CVE-2023-28366", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-28366", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-28366", url: "https://www.cve.org/CVERecord?id=CVE-2023-28366", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, { cve: "CVE-2023-36479", cwe: { id: "CWE-149", name: "Improper Neutralization of Quoting Syntax", }, discovery_date: "2023-09-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2239630", }, ], notes: [ { category: "description", text: "A flaw was found in Jetty's CGI servlet which permits incorrect command execution in specific circumstances such as requests with certain characters in requested filenames. This issue could allow an attacker to run permitted commands other than the one requested.", title: "Vulnerability description", }, { category: "summary", text: "jetty: Improper addition of quotation marks to user inputs in CgiServlet", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-36479", }, { category: "external", summary: "RHBZ#2239630", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239630", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-36479", url: "https://www.cve.org/CVERecord?id=CVE-2023-36479", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-36479", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-36479", }, ], release_date: "2023-09-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "jetty: Improper addition of quotation marks to user inputs in CgiServlet", }, { acknowledgments: [ { names: [ "Jay Satiro", ], }, ], cve: "CVE-2023-38545", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2023-10-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2241933", }, ], notes: [ { category: "description", text: "A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then Curl switches to the local name resolving and passes the resolved address only to the proxy. The local variable that instructs Curl to \"let the host resolve the name\" could obtain the wrong value during a slow SOCKS5 handshake, resulting in the too-long hostname being copied to the target buffer instead of the resolved address, which was not the intended behavior.", title: "Vulnerability description", }, { category: "summary", text: "curl: heap based buffer overflow in the SOCKS5 proxy handshake", title: "Vulnerability summary", }, { category: "other", text: "This flaw does not affect the versions of curl as shipped with Red Hat Enterprise Linux 6, 7, and 8.\n\nAn overflow is only possible in applications that do not set `CURLOPT_BUFFERSIZE`, or set it smaller than approximately 65kB. Since the curl tool sets `CURLOPT_BUFFERSIZE` to 100kB by default, it is not vulnerable unless rate limiting was set by the user to a size smaller than 65kB.\n\nKnowledgebase article:\n\nhttps://access.redhat.com/solutions/7045099", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-38545", }, { category: "external", summary: "RHBZ#2241933", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241933", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-38545", url: "https://www.cve.org/CVERecord?id=CVE-2023-38545", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-38545", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-38545", }, { category: "external", summary: "https://curl.se/docs/CVE-2023-38545.html", url: "https://curl.se/docs/CVE-2023-38545.html", }, ], release_date: "2023-10-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, { category: "workaround", details: "To avoid this issue, we recommend you do not use `CURLPROXY_SOCKS5_HOSTNAME` proxies with curl. Also do not set a proxy environment variable to socks5h://", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "curl: heap based buffer overflow in the SOCKS5 proxy handshake", }, { cve: "CVE-2023-40167", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, discovery_date: "2023-09-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2239634", }, ], notes: [ { category: "description", text: "A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.", title: "Vulnerability description", }, { category: "summary", text: "jetty: Improper validation of HTTP/1 content-length", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-40167", }, { category: "external", summary: "RHBZ#2239634", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239634", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-40167", url: "https://www.cve.org/CVERecord?id=CVE-2023-40167", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-40167", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-40167", }, { category: "external", summary: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6", url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6", }, { category: "external", summary: "https://www.rfc-editor.org/rfc/rfc9110#section-8.6", url: "https://www.rfc-editor.org/rfc/rfc9110#section-8.6", }, ], release_date: "2023-09-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jetty: Improper validation of HTTP/1 content-length", }, { cve: "CVE-2023-40175", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2023-08-18T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2232729", }, ], notes: [ { category: "description", text: "An HTTP request smuggling attack vulnerability was found in Rubygem Puma. This flaw allows an attacker to gain unauthorized access to sensitive data due to an inconsistent interpretation of HTTP requests.", title: "Vulnerability description", }, { category: "summary", text: "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-40175", }, { category: "external", summary: "RHBZ#2232729", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2232729", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-40175", url: "https://www.cve.org/CVERecord?id=CVE-2023-40175", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-40175", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-40175", }, { category: "external", summary: "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8", url: "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8", }, ], release_date: "2023-08-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers", }, ], }
rhsa-2024:1061
Vulnerability from csaf_redhat
Published
2024-02-29 20:37
Modified
2025-04-09 22:22
Summary
Red Hat Security Advisory: Red Hat Satellite 6 security and bug fix update
Notes
Topic
An update is now available for Red Hat Satellite 6.13 for RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Satellite is a system management solution that allows organizations to
configure and maintain their systems without the necessity to provide public
Internet access to their servers or other client systems. It performs
provisioning and configuration management of predefined standard operating
environments.
Security Fix(es):
* satellite: Blind SSRF via Referer header (CVE-2022-4130)
* mosquitto: memory leak leads to unresponsive broker (CVE-2023-0809, CVE-2023-28366, CVE-2023-3592)
* foreman: World readable file containing secrets (CVE-2023-4886)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Long running postgres threads during content-export (BZ#2257299)
* After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync (BZ#2257300)
* Actions::ForemanLeapp::PreupgradeJob fails with null value in column "preupgrade_report_id" violates not-null constraint when run with non-admin user (BZ#2257302)
* Puppet reports without any messages don't get an origin (BZ#2257314)
* Provisioning vm host fails with error "Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)". (BZ#2257316)
* [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync (BZ#2260526)
* Support Satellite Clone running on Python 3.12 (BZ#2264354)
* Support Satellite Ansible Collection running on Python 3.12 (BZ#2264918)
* Unable to sync library/busybox from gcr.io (BZ#2265149)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat Satellite 6.13 for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Satellite is a system management solution that allows organizations to\nconfigure and maintain their systems without the necessity to provide public\nInternet access to their servers or other client systems. It performs\nprovisioning and configuration management of predefined standard operating\nenvironments.\n\nSecurity Fix(es):\n\n* satellite: Blind SSRF via Referer header (CVE-2022-4130)\n\n* mosquitto: memory leak leads to unresponsive broker (CVE-2023-0809, CVE-2023-28366, CVE-2023-3592)\n\n* foreman: World readable file containing secrets (CVE-2023-4886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Long running postgres threads during content-export (BZ#2257299)\n\n* After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync (BZ#2257300)\n\n* Actions::ForemanLeapp::PreupgradeJob fails with null value in column \"preupgrade_report_id\" violates not-null constraint when run with non-admin user (BZ#2257302)\n\n* Puppet reports without any messages don't get an origin (BZ#2257314)\n\n* Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". (BZ#2257316)\n\n* [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync (BZ#2260526)\n\n* Support Satellite Clone running on Python 3.12 (BZ#2264354)\n\n* Support Satellite Ansible Collection running on Python 3.12 (BZ#2264918)\n\n* Unable to sync library/busybox from gcr.io (BZ#2265149)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:1061", url: "https://access.redhat.com/errata/RHSA-2024:1061", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index", url: "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003", }, { category: "external", summary: "2145254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2145254", }, { category: "external", summary: "2230135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2230135", }, { category: "external", summary: "2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "2257299", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257299", }, { category: "external", summary: "2257300", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257300", }, { category: "external", summary: "2257302", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257302", }, { category: "external", summary: "2257314", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257314", }, { category: "external", summary: "2257316", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257316", }, { category: "external", summary: "2260526", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2260526", }, { category: "external", summary: "2264354", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2264354", }, { category: "external", summary: "2264918", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2264918", }, { category: "external", summary: "2265149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265149", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1061.json", }, ], title: "Red Hat Security Advisory: Red Hat Satellite 6 security and bug fix update", tracking: { current_release_date: "2025-04-09T22:22:35+00:00", generator: { date: "2025-04-09T22:22:35+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:1061", initial_release_date: "2024-02-29T20:37:45+00:00", revision_history: [ { date: "2024-02-29T20:37:45+00:00", number: "1", summary: "Initial version", }, { date: "2024-02-29T20:37:45+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T22:22:35+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Satellite 6.13 for RHEL 8", product: { name: "Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13", product_identification_helper: { cpe: "cpe:/a:redhat:satellite:6.13::el8", }, }, }, { category: "product_name", name: "Red Hat Satellite 6.13 for RHEL 8", product: { name: "Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule", product_identification_helper: { cpe: "cpe:/a:redhat:satellite_capsule:6.13::el8", }, }, }, { category: "product_name", name: "Red Hat Satellite 6.13 for RHEL 8", product: { name: "Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils", product_identification_helper: { cpe: "cpe:/a:redhat:satellite_utils:6.13::el8", }, }, }, { category: "product_name", name: "Red Hat Satellite 6.13 for RHEL 8", product: { name: "Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-maintenance", product_identification_helper: { cpe: "cpe:/a:redhat:satellite_maintenance:6.13::el8", }, }, }, ], category: "product_family", name: "Red Hat Satellite 6", }, { branches: [ { category: "product_version", name: "createrepo_c-0:1.0.2-2.el8pc.src", product: { name: "createrepo_c-0:1.0.2-2.el8pc.src", product_id: "createrepo_c-0:1.0.2-2.el8pc.src", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=src", }, }, }, { category: "product_version", name: "foreman-0:3.5.1.24-1.el8sat.src", product: { name: "foreman-0:3.5.1.24-1.el8sat.src", product_id: "foreman-0:3.5.1.24-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "foreman-installer-1:3.5.2.7-1.el8sat.src", product: { name: "foreman-installer-1:3.5.2.7-1.el8sat.src", product_id: "foreman-installer-1:3.5.2.7-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=src&epoch=1", }, }, }, { category: "product_version", name: "mosquitto-0:2.0.17-1.el8sat.src", product: { name: "mosquitto-0:2.0.17-1.el8sat.src", product_id: "mosquitto-0:2.0.17-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "python-pulp-rpm-0:3.18.19-2.el8pc.src", product: { name: "python-pulp-rpm-0:3.18.19-2.el8pc.src", product_id: "python-pulp-rpm-0:3.18.19-2.el8pc.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-pulp-rpm@3.18.19-2.el8pc?arch=src", }, }, }, { category: "product_version", name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", product: { name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", product_id: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", product: { name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", product_id: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-katello-0:4.7.0.36-1.el8sat.src", product: { name: "rubygem-katello-0:4.7.0.36-1.el8sat.src", product_id: "rubygem-katello-0:4.7.0.36-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "satellite-0:6.13.7-1.el8sat.src", product: { name: "satellite-0:6.13.7-1.el8sat.src", product_id: "satellite-0:6.13.7-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", product: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", product_id: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=src", }, }, }, { category: "product_version", name: "python-pulp-container-0:2.14.11-1.el8pc.src", product: { name: "python-pulp-container-0:2.14.11-1.el8pc.src", product_id: "python-pulp-container-0:2.14.11-1.el8pc.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src", }, }, }, { category: "product_version", name: "satellite-clone-0:3.5.0-1.el8sat.src", product: { name: "satellite-clone-0:3.5.0-1.el8sat.src", product_id: "satellite-clone-0:3.5.0-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "createrepo_c-0:1.0.2-2.el8pc.x86_64", product: { name: "createrepo_c-0:1.0.2-2.el8pc.x86_64", product_id: "createrepo_c-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", product: { name: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", product_id: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c-libs@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", product: { name: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", product_id: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-createrepo_c@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", product: { name: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", product_id: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python39-createrepo_c@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", product: { name: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", product_id: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c-debugsource@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product: { name: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_id: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", product: { name: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", product_id: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c-libs-debuginfo@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product: { name: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_id: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product: { name: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_id: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python39-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "mosquitto-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-debug@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-cli@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-ec2@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-journald@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-libvirt@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-openstack@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-ovirt@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-postgresql@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-service-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-service-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-service-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-service@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-telemetry@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-vmware@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-installer-1:3.5.2.7-1.el8sat.noarch", product: { name: "foreman-installer-1:3.5.2.7-1.el8sat.noarch", product_id: "foreman-installer-1:3.5.2.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", product: { name: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", product_id: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer-katello@3.5.2.7-1.el8sat?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", product: { name: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", product_id: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python39-pulp-rpm@3.18.19-2.el8pc?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", product: { name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", product_id: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", product: { name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", product_id: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", product: { name: "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", product_id: "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-capsule-0:6.13.7-1.el8sat.noarch", product: { name: "satellite-capsule-0:6.13.7-1.el8sat.noarch", product_id: "satellite-capsule-0:6.13.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-capsule@6.13.7-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-common-0:6.13.7-1.el8sat.noarch", product: { name: "satellite-common-0:6.13.7-1.el8sat.noarch", product_id: "satellite-common-0:6.13.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-common@6.13.7-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-0:6.13.7-1.el8sat.noarch", product: { name: "satellite-0:6.13.7-1.el8sat.noarch", product_id: "satellite-0:6.13.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-cli-0:6.13.7-1.el8sat.noarch", product: { name: "satellite-cli-0:6.13.7-1.el8sat.noarch", product_id: "satellite-cli-0:6.13.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-cli@6.13.7-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", product: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", product_id: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product_id: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch", }, }, }, { category: "product_version", name: "satellite-clone-0:3.5.0-1.el8sat.noarch", product: { name: "satellite-clone-0:3.5.0-1.el8sat.noarch", product_id: "satellite-clone-0:3.5.0-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", }, product_reference: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", }, product_reference: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", }, product_reference: "createrepo_c-0:1.0.2-2.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", }, product_reference: "foreman-installer-1:3.5.2.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", }, product_reference: "foreman-installer-1:3.5.2.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", }, product_reference: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-service-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", }, product_reference: "python-pulp-container-0:2.14.11-1.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", }, product_reference: "python-pulp-rpm-0:3.18.19-2.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", }, product_reference: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", }, product_reference: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", }, product_reference: "satellite-0:6.13.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-clone-0:3.5.0-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", }, product_reference: "satellite-clone-0:3.5.0-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-maintenance", }, { category: "default_component_of", full_product_name: { name: "satellite-clone-0:3.5.0-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", }, product_reference: "satellite-clone-0:3.5.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-maintenance", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-service-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", }, product_reference: "satellite-0:6.13.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", }, product_reference: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", }, product_reference: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", }, product_reference: "createrepo_c-0:1.0.2-2.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", }, product_reference: "foreman-installer-1:3.5.2.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", }, product_reference: "foreman-installer-1:3.5.2.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", }, product_reference: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-service-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", }, product_reference: "python-pulp-container-0:2.14.11-1.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", }, product_reference: "python-pulp-rpm-0:3.18.19-2.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", }, product_reference: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", }, product_reference: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", }, product_reference: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", }, product_reference: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", }, product_reference: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", }, product_reference: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-katello-0:4.7.0.36-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", }, product_reference: "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-katello-0:4.7.0.36-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", }, product_reference: "rubygem-katello-0:4.7.0.36-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", }, product_reference: "satellite-0:6.13.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Fernando Velazquez", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2022-4130", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2022-11-23T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2145254", }, ], notes: [ { category: "description", text: "A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.", title: "Vulnerability description", }, { category: "summary", text: "satellite: Blind SSRF via Referer header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", ], known_not_affected: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-4130", }, { category: "external", summary: "RHBZ#2145254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2145254", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-4130", url: "https://www.cve.org/CVERecord?id=CVE-2022-4130", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-4130", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-4130", }, ], release_date: "2023-01-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-29T20:37:45+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", product_ids: [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:1061", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "satellite: Blind SSRF via Referer header", }, { cve: "CVE-2023-0809", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-0809", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-0809", url: "https://www.cve.org/CVERecord?id=CVE-2023-0809", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-29T20:37:45+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", product_ids: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:1061", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, { cve: "CVE-2023-3592", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3592", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3592", url: "https://www.cve.org/CVERecord?id=CVE-2023-3592", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-29T20:37:45+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", product_ids: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:1061", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, { cve: "CVE-2023-4886", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-08-08T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2230135", }, ], notes: [ { category: "description", text: "A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable.", title: "Vulnerability description", }, { category: "summary", text: "foreman: World readable file containing secrets", title: "Vulnerability summary", }, { category: "other", text: "This flaw has a limited impact on security, as candlepin's individual stores' privileges are limited to root and tomcat only. Therefore, the impact is limited to highly privileged users.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", ], known_not_affected: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4886", }, { category: "external", summary: "RHBZ#2230135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2230135", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4886", url: "https://www.cve.org/CVERecord?id=CVE-2023-4886", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4886", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4886", }, ], release_date: "2023-10-03T14:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-29T20:37:45+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", product_ids: [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:1061", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "foreman: World readable file containing secrets", }, { cve: "CVE-2023-28366", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-28366", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-28366", url: "https://www.cve.org/CVERecord?id=CVE-2023-28366", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-29T20:37:45+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", product_ids: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:1061", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, ], }
RHSA-2024:1061
Vulnerability from csaf_redhat
Published
2024-02-29 20:37
Modified
2025-04-09 22:22
Summary
Red Hat Security Advisory: Red Hat Satellite 6 security and bug fix update
Notes
Topic
An update is now available for Red Hat Satellite 6.13 for RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Satellite is a system management solution that allows organizations to
configure and maintain their systems without the necessity to provide public
Internet access to their servers or other client systems. It performs
provisioning and configuration management of predefined standard operating
environments.
Security Fix(es):
* satellite: Blind SSRF via Referer header (CVE-2022-4130)
* mosquitto: memory leak leads to unresponsive broker (CVE-2023-0809, CVE-2023-28366, CVE-2023-3592)
* foreman: World readable file containing secrets (CVE-2023-4886)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Long running postgres threads during content-export (BZ#2257299)
* After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync (BZ#2257300)
* Actions::ForemanLeapp::PreupgradeJob fails with null value in column "preupgrade_report_id" violates not-null constraint when run with non-admin user (BZ#2257302)
* Puppet reports without any messages don't get an origin (BZ#2257314)
* Provisioning vm host fails with error "Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)". (BZ#2257316)
* [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync (BZ#2260526)
* Support Satellite Clone running on Python 3.12 (BZ#2264354)
* Support Satellite Ansible Collection running on Python 3.12 (BZ#2264918)
* Unable to sync library/busybox from gcr.io (BZ#2265149)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat Satellite 6.13 for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Satellite is a system management solution that allows organizations to\nconfigure and maintain their systems without the necessity to provide public\nInternet access to their servers or other client systems. It performs\nprovisioning and configuration management of predefined standard operating\nenvironments.\n\nSecurity Fix(es):\n\n* satellite: Blind SSRF via Referer header (CVE-2022-4130)\n\n* mosquitto: memory leak leads to unresponsive broker (CVE-2023-0809, CVE-2023-28366, CVE-2023-3592)\n\n* foreman: World readable file containing secrets (CVE-2023-4886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Long running postgres threads during content-export (BZ#2257299)\n\n* After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync (BZ#2257300)\n\n* Actions::ForemanLeapp::PreupgradeJob fails with null value in column \"preupgrade_report_id\" violates not-null constraint when run with non-admin user (BZ#2257302)\n\n* Puppet reports without any messages don't get an origin (BZ#2257314)\n\n* Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". (BZ#2257316)\n\n* [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync (BZ#2260526)\n\n* Support Satellite Clone running on Python 3.12 (BZ#2264354)\n\n* Support Satellite Ansible Collection running on Python 3.12 (BZ#2264918)\n\n* Unable to sync library/busybox from gcr.io (BZ#2265149)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:1061", url: "https://access.redhat.com/errata/RHSA-2024:1061", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index", url: "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003", }, { category: "external", summary: "2145254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2145254", }, { category: "external", summary: "2230135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2230135", }, { category: "external", summary: "2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "2257299", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257299", }, { category: "external", summary: "2257300", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257300", }, { category: "external", summary: "2257302", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257302", }, { category: "external", summary: "2257314", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257314", }, { category: "external", summary: "2257316", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257316", }, { category: "external", summary: "2260526", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2260526", }, { category: "external", summary: "2264354", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2264354", }, { category: "external", summary: "2264918", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2264918", }, { category: "external", summary: "2265149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265149", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1061.json", }, ], title: "Red Hat Security Advisory: Red Hat Satellite 6 security and bug fix update", tracking: { current_release_date: "2025-04-09T22:22:35+00:00", generator: { date: "2025-04-09T22:22:35+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:1061", initial_release_date: "2024-02-29T20:37:45+00:00", revision_history: [ { date: "2024-02-29T20:37:45+00:00", number: "1", summary: "Initial version", }, { date: "2024-02-29T20:37:45+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-09T22:22:35+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Satellite 6.13 for RHEL 8", product: { name: "Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13", product_identification_helper: { cpe: "cpe:/a:redhat:satellite:6.13::el8", }, }, }, { category: "product_name", name: "Red Hat Satellite 6.13 for RHEL 8", product: { name: "Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule", product_identification_helper: { cpe: "cpe:/a:redhat:satellite_capsule:6.13::el8", }, }, }, { category: "product_name", name: "Red Hat Satellite 6.13 for RHEL 8", product: { name: "Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils", product_identification_helper: { cpe: "cpe:/a:redhat:satellite_utils:6.13::el8", }, }, }, { category: "product_name", name: "Red Hat Satellite 6.13 for RHEL 8", product: { name: "Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-maintenance", product_identification_helper: { cpe: "cpe:/a:redhat:satellite_maintenance:6.13::el8", }, }, }, ], category: "product_family", name: "Red Hat Satellite 6", }, { branches: [ { category: "product_version", name: "createrepo_c-0:1.0.2-2.el8pc.src", product: { name: "createrepo_c-0:1.0.2-2.el8pc.src", product_id: "createrepo_c-0:1.0.2-2.el8pc.src", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=src", }, }, }, { category: "product_version", name: "foreman-0:3.5.1.24-1.el8sat.src", product: { name: "foreman-0:3.5.1.24-1.el8sat.src", product_id: "foreman-0:3.5.1.24-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "foreman-installer-1:3.5.2.7-1.el8sat.src", product: { name: "foreman-installer-1:3.5.2.7-1.el8sat.src", product_id: "foreman-installer-1:3.5.2.7-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=src&epoch=1", }, }, }, { category: "product_version", name: "mosquitto-0:2.0.17-1.el8sat.src", product: { name: "mosquitto-0:2.0.17-1.el8sat.src", product_id: "mosquitto-0:2.0.17-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "python-pulp-rpm-0:3.18.19-2.el8pc.src", product: { name: "python-pulp-rpm-0:3.18.19-2.el8pc.src", product_id: "python-pulp-rpm-0:3.18.19-2.el8pc.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-pulp-rpm@3.18.19-2.el8pc?arch=src", }, }, }, { category: "product_version", name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", product: { name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", product_id: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", product: { name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", product_id: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-katello-0:4.7.0.36-1.el8sat.src", product: { name: "rubygem-katello-0:4.7.0.36-1.el8sat.src", product_id: "rubygem-katello-0:4.7.0.36-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "satellite-0:6.13.7-1.el8sat.src", product: { name: "satellite-0:6.13.7-1.el8sat.src", product_id: "satellite-0:6.13.7-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", product: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", product_id: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=src", }, }, }, { category: "product_version", name: "python-pulp-container-0:2.14.11-1.el8pc.src", product: { name: "python-pulp-container-0:2.14.11-1.el8pc.src", product_id: "python-pulp-container-0:2.14.11-1.el8pc.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src", }, }, }, { category: "product_version", name: "satellite-clone-0:3.5.0-1.el8sat.src", product: { name: "satellite-clone-0:3.5.0-1.el8sat.src", product_id: "satellite-clone-0:3.5.0-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "createrepo_c-0:1.0.2-2.el8pc.x86_64", product: { name: "createrepo_c-0:1.0.2-2.el8pc.x86_64", product_id: "createrepo_c-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", product: { name: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", product_id: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c-libs@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", product: { name: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", product_id: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-createrepo_c@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", product: { name: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", product_id: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python39-createrepo_c@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", product: { name: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", product_id: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c-debugsource@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product: { name: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_id: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", product: { name: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", product_id: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/createrepo_c-libs-debuginfo@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product: { name: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_id: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product: { name: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_id: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python39-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64", }, }, }, { category: "product_version", name: "mosquitto-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-debug@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-cli@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-ec2@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-journald@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-libvirt@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-openstack@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-ovirt@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-postgresql@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-service-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-service-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-service-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-service@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-telemetry@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", product: { name: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", product_id: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-vmware@3.5.1.24-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-installer-1:3.5.2.7-1.el8sat.noarch", product: { name: "foreman-installer-1:3.5.2.7-1.el8sat.noarch", product_id: "foreman-installer-1:3.5.2.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", product: { name: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", product_id: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer-katello@3.5.2.7-1.el8sat?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", product: { name: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", product_id: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python39-pulp-rpm@3.18.19-2.el8pc?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", product: { name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", product_id: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", product: { name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", product_id: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", product: { name: "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", product_id: "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-capsule-0:6.13.7-1.el8sat.noarch", product: { name: "satellite-capsule-0:6.13.7-1.el8sat.noarch", product_id: "satellite-capsule-0:6.13.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-capsule@6.13.7-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-common-0:6.13.7-1.el8sat.noarch", product: { name: "satellite-common-0:6.13.7-1.el8sat.noarch", product_id: "satellite-common-0:6.13.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-common@6.13.7-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-0:6.13.7-1.el8sat.noarch", product: { name: "satellite-0:6.13.7-1.el8sat.noarch", product_id: "satellite-0:6.13.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-cli-0:6.13.7-1.el8sat.noarch", product: { name: "satellite-cli-0:6.13.7-1.el8sat.noarch", product_id: "satellite-cli-0:6.13.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-cli@6.13.7-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", product: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", product_id: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product_id: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch", }, }, }, { category: "product_version", name: "satellite-clone-0:3.5.0-1.el8sat.noarch", product: { name: "satellite-clone-0:3.5.0-1.el8sat.noarch", product_id: "satellite-clone-0:3.5.0-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", }, product_reference: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", }, product_reference: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", }, product_reference: "createrepo_c-0:1.0.2-2.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", }, product_reference: "foreman-installer-1:3.5.2.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", }, product_reference: "foreman-installer-1:3.5.2.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", }, product_reference: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-service-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", }, product_reference: "python-pulp-container-0:2.14.11-1.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", }, product_reference: "python-pulp-rpm-0:3.18.19-2.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", }, product_reference: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", }, product_reference: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", }, product_reference: "satellite-0:6.13.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-clone-0:3.5.0-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", }, product_reference: "satellite-clone-0:3.5.0-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-maintenance", }, { category: "default_component_of", full_product_name: { name: "satellite-clone-0:3.5.0-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", }, product_reference: "satellite-clone-0:3.5.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-maintenance", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-service-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", }, product_reference: "satellite-0:6.13.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13-utils", }, { category: "default_component_of", full_product_name: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", }, product_reference: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", }, product_reference: "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", }, product_reference: "createrepo_c-0:1.0.2-2.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", }, product_reference: "foreman-0:3.5.1.24-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-cli-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-debug-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", }, product_reference: "foreman-installer-1:3.5.2.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", }, product_reference: "foreman-installer-1:3.5.2.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", }, product_reference: "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-journald-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-service-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", }, product_reference: "python-pulp-container-0:2.14.11-1.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", }, product_reference: "python-pulp-rpm-0:3.18.19-2.el8pc.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", }, product_reference: "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", }, product_reference: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", }, product_reference: "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", }, product_reference: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", }, product_reference: "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", }, product_reference: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", }, product_reference: "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-katello-0:4.7.0.36-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", }, product_reference: "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "rubygem-katello-0:4.7.0.36-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", }, product_reference: "rubygem-katello-0:4.7.0.36-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", }, product_reference: "satellite-0:6.13.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", product_id: "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.13.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.13", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Fernando Velazquez", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2022-4130", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2022-11-23T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2145254", }, ], notes: [ { category: "description", text: "A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.", title: "Vulnerability description", }, { category: "summary", text: "satellite: Blind SSRF via Referer header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", ], known_not_affected: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-4130", }, { category: "external", summary: "RHBZ#2145254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2145254", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-4130", url: "https://www.cve.org/CVERecord?id=CVE-2022-4130", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-4130", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-4130", }, ], release_date: "2023-01-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-29T20:37:45+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", product_ids: [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:1061", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "satellite: Blind SSRF via Referer header", }, { cve: "CVE-2023-0809", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-0809", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-0809", url: "https://www.cve.org/CVERecord?id=CVE-2023-0809", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-29T20:37:45+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", product_ids: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:1061", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, { cve: "CVE-2023-3592", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3592", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3592", url: "https://www.cve.org/CVERecord?id=CVE-2023-3592", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-29T20:37:45+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", product_ids: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:1061", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, { cve: "CVE-2023-4886", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-08-08T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2230135", }, ], notes: [ { category: "description", text: "A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable.", title: "Vulnerability description", }, { category: "summary", text: "foreman: World readable file containing secrets", title: "Vulnerability summary", }, { category: "other", text: "This flaw has a limited impact on security, as candlepin's individual stores' privileges are limited to root and tomcat only. Therefore, the impact is limited to highly privileged users.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", ], known_not_affected: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4886", }, { category: "external", summary: "RHBZ#2230135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2230135", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4886", url: "https://www.cve.org/CVERecord?id=CVE-2023-4886", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4886", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4886", }, ], release_date: "2023-10-03T14:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-29T20:37:45+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", product_ids: [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:1061", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "foreman: World readable file containing secrets", }, { cve: "CVE-2023-28366", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-28366", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-28366", url: "https://www.cve.org/CVERecord?id=CVE-2023-28366", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-29T20:37:45+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", product_ids: [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:1061", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, ], }
rhsa-2024:0797
Vulnerability from csaf_redhat
Published
2024-02-13 14:45
Modified
2025-04-14 02:17
Summary
Red Hat Security Advisory: Satellite 6.14.2 Async Security Update
Notes
Topic
Updated Satellite 6.14 packages that fixes Important security bugs and several
regular bugs are now available for Red Hat Satellite.
Details
Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security fix(es):
* CVE-2023-26049 (puppetserver): Cookie parsing of quoted values can exfiltrate values from other cookies
* CVE-2023-26141 (rubygem-sidekiq): Denial of Service (DoS) in dashboard-charts
* CVE-2023-36479 (puppetserver): Improper addition of quotation marks to user inputs in CgiServlet
* CVE-2023-38545 (puppet-agent): Heap-based buffer overflow in the SOCKS5 proxy handshake
* CVE-2023-40167 (puppetserver): Improper validation of HTTP/1 content-length
* CVE-2023-40175 (rubygem-puma): HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers
* CVE-2023-4785 (rubygem-grpc): File descriptor exhaustion leads to denial of service
* CVE-2023-0809, CVE-2023-28366, CVE-2023-3592 (mosquitto): Memory leak leads to unresponsive broker
This update fixes the following bugs:
2250347 - 'Sun, 11 Jun 2023 17:51:29 GMT' could not be parsed at index 0 at java.time.format.DateTimeFormatter.parseResolved
2254974 - satellite-convert2rhel-toolkit install fails on latest rpm with `/usr/bin/bash: /usr/libexec/satellite-convert2rhel-appliance/action-install.sh: No such file or directory`
2255260 - 6.14 - satellite-convert2rhel-toolkit is part of the satellite module
2257321 - Request for UEFI Kickstart Provisioning to handle naming convention for VLAN tagged interfaces of the format <parent_device>.<vlan_id> in addition to vlan<vlan_id>
2257324 - Generate applicability tasks fails with error "ERROR: insert or update on table "katello_content_facet_errata" violates foreign key constraint "katello_content_facet_errata_ca_id"
2257326 - Show failed resources in failed installation report
2257327 - Puppet reports without any messages don't get an origin
2257329 - Host registration fails with error "Attached to can't be blank" when the VLAN name includes UPPERCASE letters
2257330 - default tuning profile leaves httpd MaxClients 150 which httpd raises a warning
2257331 - Registering host through load balancer causes REX not to know what capsule to choose for 'registered_through'
2257332 - Registration can't find any Capsules when their locations are not assigned to admin user
2257415 - Provisioning vm host fails with error "Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)".
2260525 - [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync
2262131 - Unable to sync library/busybox from gcr.io
Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated Satellite 6.14 packages that fixes Important security bugs and several\nregular bugs are now available for Red Hat Satellite.", title: "Topic", }, { category: "general", text: "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity fix(es):\n* CVE-2023-26049 (puppetserver): Cookie parsing of quoted values can exfiltrate values from other cookies\n* CVE-2023-26141 (rubygem-sidekiq): Denial of Service (DoS) in dashboard-charts\n* CVE-2023-36479 (puppetserver): Improper addition of quotation marks to user inputs in CgiServlet\n* CVE-2023-38545 (puppet-agent): Heap-based buffer overflow in the SOCKS5 proxy handshake\n* CVE-2023-40167 (puppetserver): Improper validation of HTTP/1 content-length\n* CVE-2023-40175 (rubygem-puma): HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers\n* CVE-2023-4785 (rubygem-grpc): File descriptor exhaustion leads to denial of service\n* CVE-2023-0809, CVE-2023-28366, CVE-2023-3592 (mosquitto): Memory leak leads to unresponsive broker\n\nThis update fixes the following bugs:\n2250347 - 'Sun, 11 Jun 2023 17:51:29 GMT' could not be parsed at index 0 at java.time.format.DateTimeFormatter.parseResolved\n2254974 - satellite-convert2rhel-toolkit install fails on latest rpm with `/usr/bin/bash: /usr/libexec/satellite-convert2rhel-appliance/action-install.sh: No such file or directory`\n2255260 - 6.14 - satellite-convert2rhel-toolkit is part of the satellite module\n2257321 - Request for UEFI Kickstart Provisioning to handle naming convention for VLAN tagged interfaces of the format <parent_device>.<vlan_id> in addition to vlan<vlan_id>\n2257324 - Generate applicability tasks fails with error \"ERROR: insert or update on table \"katello_content_facet_errata\" violates foreign key constraint \"katello_content_facet_errata_ca_id\"\n2257326 - Show failed resources in failed installation report\n2257327 - Puppet reports without any messages don't get an origin\n2257329 - Host registration fails with error \"Attached to can't be blank\" when the VLAN name includes UPPERCASE letters\n2257330 - default tuning profile leaves httpd MaxClients 150 which httpd raises a warning\n2257331 - Registering host through load balancer causes REX not to know what capsule to choose for 'registered_through'\n2257332 - Registration can't find any Capsules when their locations are not assigned to admin user\n2257415 - Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". \n2260525 - [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync \n2262131 - Unable to sync library/busybox from gcr.io \n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:0797", url: "https://access.redhat.com/errata/RHSA-2024:0797", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index", url: "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index", }, { category: "external", summary: "2232729", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2232729", }, { category: "external", summary: "2236341", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236341", }, { category: "external", summary: "2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "2239010", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239010", }, { category: "external", summary: "2239017", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239017", }, { category: "external", summary: "2239630", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239630", }, { category: "external", summary: "2239634", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239634", }, { category: "external", summary: "2241933", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241933", }, { category: "external", summary: "2250347", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2250347", }, { category: "external", summary: "2254974", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2254974", }, { category: "external", summary: "2255260", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2255260", }, { category: "external", summary: "2257321", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257321", }, { category: "external", summary: "2257324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257324", }, { category: "external", summary: "2257326", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257326", }, { category: "external", summary: "2257327", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257327", }, { category: "external", summary: "2257329", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257329", }, { category: "external", summary: "2257330", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257330", }, { category: "external", summary: "2257331", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257331", }, { category: "external", summary: "2257332", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257332", }, { category: "external", summary: "2257415", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257415", }, { category: "external", summary: "2260525", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2260525", }, { category: "external", summary: "2262131", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262131", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0797.json", }, ], title: "Red Hat Security Advisory: Satellite 6.14.2 Async Security Update", tracking: { current_release_date: "2025-04-14T02:17:45+00:00", generator: { date: "2025-04-14T02:17:45+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:0797", initial_release_date: "2024-02-13T14:45:57+00:00", revision_history: [ { date: "2024-02-13T14:45:57+00:00", number: "1", summary: "Initial version", }, { date: "2024-02-13T14:45:57+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-14T02:17:45+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Satellite 6.14 for RHEL 8", product: { name: "Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14", product_identification_helper: { cpe: "cpe:/a:redhat:satellite:6.14::el8", }, }, }, { category: "product_name", name: "Red Hat Satellite 6.14 for RHEL 8", product: { name: "Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule", product_identification_helper: { cpe: "cpe:/a:redhat:satellite_capsule:6.14::el8", }, }, }, { category: "product_name", name: "Red Hat Satellite 6.14 for RHEL 8", product: { name: "Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils", product_identification_helper: { cpe: "cpe:/a:redhat:satellite_utils:6.14::el8", }, }, }, ], category: "product_family", name: "Red Hat Satellite 6", }, { branches: [ { category: "product_version", name: "rubygem-katello-0:4.9.0.21-1.el8sat.src", product: { name: "rubygem-katello-0:4.9.0.21-1.el8sat.src", product_id: "rubygem-katello-0:4.9.0.21-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "python-pulp-container-0:2.14.11-1.el8pc.src", product: { name: "python-pulp-container-0:2.14.11-1.el8pc.src", product_id: "python-pulp-container-0:2.14.11-1.el8pc.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src", }, }, }, { category: "product_version", name: "candlepin-0:4.3.11-1.el8sat.src", product: { name: "candlepin-0:4.3.11-1.el8sat.src", product_id: "candlepin-0:4.3.11-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "foreman-0:3.7.0.11-2.el8sat.src", product: { name: "foreman-0:3.7.0.11-2.el8sat.src", product_id: "foreman-0:3.7.0.11-2.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=src", }, }, }, { category: "product_version", name: "mosquitto-0:2.0.17-1.el8sat.src", product: { name: "mosquitto-0:2.0.17-1.el8sat.src", product_id: "mosquitto-0:2.0.17-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "puppet-agent-0:7.27.0-1.el8sat.src", product: { name: "puppet-agent-0:7.27.0-1.el8sat.src", product_id: "puppet-agent-0:7.27.0-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "puppetserver-0:7.14.0-1.el8sat.src", product: { name: "puppetserver-0:7.14.0-1.el8sat.src", product_id: "puppetserver-0:7.14.0-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", product: { name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", product_id: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", product: { name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", product_id: "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-grpc-0:1.58.0-1.el8sat.src", product: { name: "rubygem-grpc-0:1.58.0-1.el8sat.src", product_id: "rubygem-grpc-0:1.58.0-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-kafo-0:7.2.0-1.el8sat.src", product: { name: "rubygem-kafo-0:7.2.0-1.el8sat.src", product_id: "rubygem-kafo-0:7.2.0-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-puma-0:6.3.1-1.el8sat.src", product: { name: "rubygem-puma-0:6.3.1-1.el8sat.src", product_id: "rubygem-puma-0:6.3.1-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-sidekiq-0:6.5.12-1.el8sat.src", product: { name: "rubygem-sidekiq-0:6.5.12-1.el8sat.src", product_id: "rubygem-sidekiq-0:6.5.12-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "satellite-0:6.14.2-1.el8sat.src", product: { name: "satellite-0:6.14.2-1.el8sat.src", product_id: "satellite-0:6.14.2-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", product: { name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", product_id: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "foreman-installer-1:3.7.0.7-1.el8sat.src", product: { name: "foreman-installer-1:3.7.0.7-1.el8sat.src", product_id: "foreman-installer-1:3.7.0.7-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", product: { name: "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", product_id: "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product_id: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch", }, }, }, { category: "product_version", name: "candlepin-0:4.3.11-1.el8sat.noarch", product: { name: "candlepin-0:4.3.11-1.el8sat.noarch", product_id: "candlepin-0:4.3.11-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "candlepin-selinux-0:4.3.11-1.el8sat.noarch", product: { name: "candlepin-selinux-0:4.3.11-1.el8sat.noarch", product_id: "candlepin-selinux-0:4.3.11-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/candlepin-selinux@4.3.11-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-cli@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-debug@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-ec2@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-journald@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-libvirt@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-openstack@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-ovirt@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-postgresql@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-redis@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-service-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-service-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-service-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-service@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-telemetry@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-vmware@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "puppetserver-0:7.14.0-1.el8sat.noarch", product: { name: "puppetserver-0:7.14.0-1.el8sat.noarch", product_id: "puppetserver-0:7.14.0-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", product: { name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", product_id: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-kafo-0:7.2.0-1.el8sat.noarch", product: { name: "rubygem-kafo-0:7.2.0-1.el8sat.noarch", product_id: "rubygem-kafo-0:7.2.0-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", product: { name: "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", product_id: "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-cli-0:6.14.2-1.el8sat.noarch", product: { name: "satellite-cli-0:6.14.2-1.el8sat.noarch", product_id: "satellite-cli-0:6.14.2-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-cli@6.14.2-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-capsule-0:6.14.2-1.el8sat.noarch", product: { name: "satellite-capsule-0:6.14.2-1.el8sat.noarch", product_id: "satellite-capsule-0:6.14.2-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-capsule@6.14.2-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-common-0:6.14.2-1.el8sat.noarch", product: { name: "satellite-common-0:6.14.2-1.el8sat.noarch", product_id: "satellite-common-0:6.14.2-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-common@6.14.2-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-0:6.14.2-1.el8sat.noarch", product: { name: "satellite-0:6.14.2-1.el8sat.noarch", product_id: "satellite-0:6.14.2-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-installer-1:3.7.0.7-1.el8sat.noarch", product: { name: "foreman-installer-1:3.7.0.7-1.el8sat.noarch", product_id: "foreman-installer-1:3.7.0.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", product: { name: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", product_id: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer-katello@3.7.0.7-1.el8sat?arch=noarch&epoch=1", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "mosquitto-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "puppet-agent-0:7.27.0-1.el8sat.x86_64", product: { name: "puppet-agent-0:7.27.0-1.el8sat.x86_64", product_id: "puppet-agent-0:7.27.0-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", product: { name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", product_id: "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", product: { name: "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", product_id: "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-google-protobuf-debugsource@3.24.3-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", product: { name: "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", product_id: "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-google-protobuf-debuginfo@3.24.3-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", product: { name: "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", product_id: "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-puma-0:6.3.1-1.el8sat.x86_64", product: { name: "rubygem-puma-0:6.3.1-1.el8sat.x86_64", product_id: "rubygem-puma-0:6.3.1-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", product: { name: "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", product_id: "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-puma-debugsource@6.3.1-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", product: { name: "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", product_id: "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-puma-debuginfo@6.3.1-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", product: { name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", product_id: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", }, product_reference: "foreman-installer-1:3.7.0.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", }, product_reference: "foreman-installer-1:3.7.0.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", }, product_reference: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-service-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", }, product_reference: "puppet-agent-0:7.27.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", }, product_reference: "puppet-agent-0:7.27.0-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", }, product_reference: "puppetserver-0:7.14.0-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", }, product_reference: "puppetserver-0:7.14.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", }, product_reference: "python-pulp-container-0:2.14.11-1.el8pc.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", }, product_reference: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", }, product_reference: "rubygem-kafo-0:7.2.0-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", }, product_reference: "rubygem-kafo-0:7.2.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", }, product_reference: "satellite-0:6.14.2-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-service-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", }, product_reference: "satellite-0:6.14.2-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "candlepin-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", }, product_reference: "candlepin-0:4.3.11-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "candlepin-0:4.3.11-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", }, product_reference: "candlepin-0:4.3.11-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "candlepin-selinux-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", }, product_reference: "candlepin-selinux-0:4.3.11-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", }, product_reference: "foreman-installer-1:3.7.0.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", }, product_reference: "foreman-installer-1:3.7.0.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", }, product_reference: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-service-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", }, product_reference: "puppet-agent-0:7.27.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", }, product_reference: "puppet-agent-0:7.27.0-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", }, product_reference: "puppetserver-0:7.14.0-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", }, product_reference: "puppetserver-0:7.14.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", }, product_reference: "python-pulp-container-0:2.14.11-1.el8pc.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", }, product_reference: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", }, product_reference: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", }, product_reference: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", }, product_reference: "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", }, product_reference: "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", }, product_reference: "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", }, product_reference: "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-grpc-0:1.58.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", }, product_reference: "rubygem-grpc-0:1.58.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-grpc-0:1.58.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", }, product_reference: "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", }, product_reference: "rubygem-kafo-0:7.2.0-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", }, product_reference: "rubygem-kafo-0:7.2.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-katello-0:4.9.0.21-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", }, product_reference: "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-katello-0:4.9.0.21-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", }, product_reference: "rubygem-katello-0:4.9.0.21-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-puma-0:6.3.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", }, product_reference: "rubygem-puma-0:6.3.1-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-puma-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", }, product_reference: "rubygem-puma-0:6.3.1-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", }, product_reference: "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", }, product_reference: "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", }, product_reference: "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-sidekiq-0:6.5.12-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", }, product_reference: "rubygem-sidekiq-0:6.5.12-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", }, product_reference: "satellite-0:6.14.2-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", }, product_reference: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", }, product_reference: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, ], }, vulnerabilities: [ { cve: "CVE-2023-0809", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-0809", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-0809", url: "https://www.cve.org/CVERecord?id=CVE-2023-0809", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, { cve: "CVE-2023-3592", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3592", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3592", url: "https://www.cve.org/CVERecord?id=CVE-2023-3592", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, { cve: "CVE-2023-4785", cwe: { id: "CWE-248", name: "Uncaught Exception", }, discovery_date: "2023-09-14T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2239017", }, ], notes: [ { category: "description", text: "A flaw was found in gRPC. Lack of error handling in the TCP server in Google's gRPC, starting in version 1.23 on POSIX-compatible platforms (for example, Linux), allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++, Python, and Ruby are affected, but gRPC Java and Go are NOT affected.", title: "Vulnerability description", }, { category: "summary", text: "gRPC: file descriptor exhaustion leads to denial of service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4785", }, { category: "external", summary: "RHBZ#2239017", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239017", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4785", url: "https://www.cve.org/CVERecord?id=CVE-2023-4785", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4785", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4785", }, { category: "external", summary: "https://github.com/advisories/GHSA-p25m-jpj4-qcrr", url: "https://github.com/advisories/GHSA-p25m-jpj4-qcrr", }, { category: "external", summary: "https://github.com/grpc/grpc/pull/33656", url: "https://github.com/grpc/grpc/pull/33656", }, { category: "external", summary: "https://github.com/grpc/grpc/pull/33667", url: "https://github.com/grpc/grpc/pull/33667", }, { category: "external", summary: "https://github.com/grpc/grpc/pull/33669", url: "https://github.com/grpc/grpc/pull/33669", }, { category: "external", summary: "https://github.com/grpc/grpc/pull/33670", url: "https://github.com/grpc/grpc/pull/33670", }, { category: "external", summary: "https://github.com/grpc/grpc/pull/33672", url: "https://github.com/grpc/grpc/pull/33672", }, ], release_date: "2023-09-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "gRPC: file descriptor exhaustion leads to denial of service", }, { cve: "CVE-2023-26049", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, discovery_date: "2023-08-30T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236341", }, ], notes: [ { category: "description", text: "A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.", title: "Vulnerability description", }, { category: "summary", text: "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26049", }, { category: "external", summary: "RHBZ#2236341", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236341", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26049", url: "https://www.cve.org/CVERecord?id=CVE-2023-26049", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26049", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26049", }, { category: "external", summary: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c", url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c", }, ], release_date: "2023-04-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies", }, { cve: "CVE-2023-26141", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-09-14T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2239010", }, ], notes: [ { category: "description", text: "A denial of service vulnerability was found in Sidekiq. This flaw allows an attacker to manipulate the localStorage value in the dashboard-charts.js file and cause excessive polling requests.", title: "Vulnerability description", }, { category: "summary", text: "sidekiq: DoS in dashboard-charts", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26141", }, { category: "external", summary: "RHBZ#2239010", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239010", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26141", url: "https://www.cve.org/CVERecord?id=CVE-2023-26141", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26141", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26141", }, { category: "external", summary: "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89", url: "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89", }, ], release_date: "2023-09-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "sidekiq: DoS in dashboard-charts", }, { cve: "CVE-2023-28366", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-28366", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-28366", url: "https://www.cve.org/CVERecord?id=CVE-2023-28366", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, { cve: "CVE-2023-36479", cwe: { id: "CWE-149", name: "Improper Neutralization of Quoting Syntax", }, discovery_date: "2023-09-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2239630", }, ], notes: [ { category: "description", text: "A flaw was found in Jetty's CGI servlet which permits incorrect command execution in specific circumstances such as requests with certain characters in requested filenames. This issue could allow an attacker to run permitted commands other than the one requested.", title: "Vulnerability description", }, { category: "summary", text: "jetty: Improper addition of quotation marks to user inputs in CgiServlet", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-36479", }, { category: "external", summary: "RHBZ#2239630", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239630", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-36479", url: "https://www.cve.org/CVERecord?id=CVE-2023-36479", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-36479", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-36479", }, ], release_date: "2023-09-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "jetty: Improper addition of quotation marks to user inputs in CgiServlet", }, { acknowledgments: [ { names: [ "Jay Satiro", ], }, ], cve: "CVE-2023-38545", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2023-10-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2241933", }, ], notes: [ { category: "description", text: "A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then Curl switches to the local name resolving and passes the resolved address only to the proxy. The local variable that instructs Curl to \"let the host resolve the name\" could obtain the wrong value during a slow SOCKS5 handshake, resulting in the too-long hostname being copied to the target buffer instead of the resolved address, which was not the intended behavior.", title: "Vulnerability description", }, { category: "summary", text: "curl: heap based buffer overflow in the SOCKS5 proxy handshake", title: "Vulnerability summary", }, { category: "other", text: "This flaw does not affect the versions of curl as shipped with Red Hat Enterprise Linux 6, 7, and 8.\n\nAn overflow is only possible in applications that do not set `CURLOPT_BUFFERSIZE`, or set it smaller than approximately 65kB. Since the curl tool sets `CURLOPT_BUFFERSIZE` to 100kB by default, it is not vulnerable unless rate limiting was set by the user to a size smaller than 65kB.\n\nKnowledgebase article:\n\nhttps://access.redhat.com/solutions/7045099", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-38545", }, { category: "external", summary: "RHBZ#2241933", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241933", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-38545", url: "https://www.cve.org/CVERecord?id=CVE-2023-38545", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-38545", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-38545", }, { category: "external", summary: "https://curl.se/docs/CVE-2023-38545.html", url: "https://curl.se/docs/CVE-2023-38545.html", }, ], release_date: "2023-10-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, { category: "workaround", details: "To avoid this issue, we recommend you do not use `CURLPROXY_SOCKS5_HOSTNAME` proxies with curl. Also do not set a proxy environment variable to socks5h://", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "curl: heap based buffer overflow in the SOCKS5 proxy handshake", }, { cve: "CVE-2023-40167", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, discovery_date: "2023-09-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2239634", }, ], notes: [ { category: "description", text: "A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.", title: "Vulnerability description", }, { category: "summary", text: "jetty: Improper validation of HTTP/1 content-length", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-40167", }, { category: "external", summary: "RHBZ#2239634", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239634", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-40167", url: "https://www.cve.org/CVERecord?id=CVE-2023-40167", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-40167", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-40167", }, { category: "external", summary: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6", url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6", }, { category: "external", summary: "https://www.rfc-editor.org/rfc/rfc9110#section-8.6", url: "https://www.rfc-editor.org/rfc/rfc9110#section-8.6", }, ], release_date: "2023-09-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jetty: Improper validation of HTTP/1 content-length", }, { cve: "CVE-2023-40175", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2023-08-18T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2232729", }, ], notes: [ { category: "description", text: "An HTTP request smuggling attack vulnerability was found in Rubygem Puma. This flaw allows an attacker to gain unauthorized access to sensitive data due to an inconsistent interpretation of HTTP requests.", title: "Vulnerability description", }, { category: "summary", text: "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-40175", }, { category: "external", summary: "RHBZ#2232729", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2232729", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-40175", url: "https://www.cve.org/CVERecord?id=CVE-2023-40175", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-40175", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-40175", }, { category: "external", summary: "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8", url: "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8", }, ], release_date: "2023-08-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers", }, ], }
RHSA-2024:0797
Vulnerability from csaf_redhat
Published
2024-02-13 14:45
Modified
2025-04-14 02:17
Summary
Red Hat Security Advisory: Satellite 6.14.2 Async Security Update
Notes
Topic
Updated Satellite 6.14 packages that fixes Important security bugs and several
regular bugs are now available for Red Hat Satellite.
Details
Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security fix(es):
* CVE-2023-26049 (puppetserver): Cookie parsing of quoted values can exfiltrate values from other cookies
* CVE-2023-26141 (rubygem-sidekiq): Denial of Service (DoS) in dashboard-charts
* CVE-2023-36479 (puppetserver): Improper addition of quotation marks to user inputs in CgiServlet
* CVE-2023-38545 (puppet-agent): Heap-based buffer overflow in the SOCKS5 proxy handshake
* CVE-2023-40167 (puppetserver): Improper validation of HTTP/1 content-length
* CVE-2023-40175 (rubygem-puma): HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers
* CVE-2023-4785 (rubygem-grpc): File descriptor exhaustion leads to denial of service
* CVE-2023-0809, CVE-2023-28366, CVE-2023-3592 (mosquitto): Memory leak leads to unresponsive broker
This update fixes the following bugs:
2250347 - 'Sun, 11 Jun 2023 17:51:29 GMT' could not be parsed at index 0 at java.time.format.DateTimeFormatter.parseResolved
2254974 - satellite-convert2rhel-toolkit install fails on latest rpm with `/usr/bin/bash: /usr/libexec/satellite-convert2rhel-appliance/action-install.sh: No such file or directory`
2255260 - 6.14 - satellite-convert2rhel-toolkit is part of the satellite module
2257321 - Request for UEFI Kickstart Provisioning to handle naming convention for VLAN tagged interfaces of the format <parent_device>.<vlan_id> in addition to vlan<vlan_id>
2257324 - Generate applicability tasks fails with error "ERROR: insert or update on table "katello_content_facet_errata" violates foreign key constraint "katello_content_facet_errata_ca_id"
2257326 - Show failed resources in failed installation report
2257327 - Puppet reports without any messages don't get an origin
2257329 - Host registration fails with error "Attached to can't be blank" when the VLAN name includes UPPERCASE letters
2257330 - default tuning profile leaves httpd MaxClients 150 which httpd raises a warning
2257331 - Registering host through load balancer causes REX not to know what capsule to choose for 'registered_through'
2257332 - Registration can't find any Capsules when their locations are not assigned to admin user
2257415 - Provisioning vm host fails with error "Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)".
2260525 - [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync
2262131 - Unable to sync library/busybox from gcr.io
Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated Satellite 6.14 packages that fixes Important security bugs and several\nregular bugs are now available for Red Hat Satellite.", title: "Topic", }, { category: "general", text: "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity fix(es):\n* CVE-2023-26049 (puppetserver): Cookie parsing of quoted values can exfiltrate values from other cookies\n* CVE-2023-26141 (rubygem-sidekiq): Denial of Service (DoS) in dashboard-charts\n* CVE-2023-36479 (puppetserver): Improper addition of quotation marks to user inputs in CgiServlet\n* CVE-2023-38545 (puppet-agent): Heap-based buffer overflow in the SOCKS5 proxy handshake\n* CVE-2023-40167 (puppetserver): Improper validation of HTTP/1 content-length\n* CVE-2023-40175 (rubygem-puma): HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers\n* CVE-2023-4785 (rubygem-grpc): File descriptor exhaustion leads to denial of service\n* CVE-2023-0809, CVE-2023-28366, CVE-2023-3592 (mosquitto): Memory leak leads to unresponsive broker\n\nThis update fixes the following bugs:\n2250347 - 'Sun, 11 Jun 2023 17:51:29 GMT' could not be parsed at index 0 at java.time.format.DateTimeFormatter.parseResolved\n2254974 - satellite-convert2rhel-toolkit install fails on latest rpm with `/usr/bin/bash: /usr/libexec/satellite-convert2rhel-appliance/action-install.sh: No such file or directory`\n2255260 - 6.14 - satellite-convert2rhel-toolkit is part of the satellite module\n2257321 - Request for UEFI Kickstart Provisioning to handle naming convention for VLAN tagged interfaces of the format <parent_device>.<vlan_id> in addition to vlan<vlan_id>\n2257324 - Generate applicability tasks fails with error \"ERROR: insert or update on table \"katello_content_facet_errata\" violates foreign key constraint \"katello_content_facet_errata_ca_id\"\n2257326 - Show failed resources in failed installation report\n2257327 - Puppet reports without any messages don't get an origin\n2257329 - Host registration fails with error \"Attached to can't be blank\" when the VLAN name includes UPPERCASE letters\n2257330 - default tuning profile leaves httpd MaxClients 150 which httpd raises a warning\n2257331 - Registering host through load balancer causes REX not to know what capsule to choose for 'registered_through'\n2257332 - Registration can't find any Capsules when their locations are not assigned to admin user\n2257415 - Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". \n2260525 - [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync \n2262131 - Unable to sync library/busybox from gcr.io \n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:0797", url: "https://access.redhat.com/errata/RHSA-2024:0797", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index", url: "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index", }, { category: "external", summary: "2232729", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2232729", }, { category: "external", summary: "2236341", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236341", }, { category: "external", summary: "2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "2239010", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239010", }, { category: "external", summary: "2239017", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239017", }, { category: "external", summary: "2239630", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239630", }, { category: "external", summary: "2239634", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239634", }, { category: "external", summary: "2241933", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241933", }, { category: "external", summary: "2250347", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2250347", }, { category: "external", summary: "2254974", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2254974", }, { category: "external", summary: "2255260", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2255260", }, { category: "external", summary: "2257321", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257321", }, { category: "external", summary: "2257324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257324", }, { category: "external", summary: "2257326", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257326", }, { category: "external", summary: "2257327", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257327", }, { category: "external", summary: "2257329", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257329", }, { category: "external", summary: "2257330", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257330", }, { category: "external", summary: "2257331", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257331", }, { category: "external", summary: "2257332", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257332", }, { category: "external", summary: "2257415", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257415", }, { category: "external", summary: "2260525", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2260525", }, { category: "external", summary: "2262131", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262131", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0797.json", }, ], title: "Red Hat Security Advisory: Satellite 6.14.2 Async Security Update", tracking: { current_release_date: "2025-04-14T02:17:45+00:00", generator: { date: "2025-04-14T02:17:45+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:0797", initial_release_date: "2024-02-13T14:45:57+00:00", revision_history: [ { date: "2024-02-13T14:45:57+00:00", number: "1", summary: "Initial version", }, { date: "2024-02-13T14:45:57+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-14T02:17:45+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Satellite 6.14 for RHEL 8", product: { name: "Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14", product_identification_helper: { cpe: "cpe:/a:redhat:satellite:6.14::el8", }, }, }, { category: "product_name", name: "Red Hat Satellite 6.14 for RHEL 8", product: { name: "Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule", product_identification_helper: { cpe: "cpe:/a:redhat:satellite_capsule:6.14::el8", }, }, }, { category: "product_name", name: "Red Hat Satellite 6.14 for RHEL 8", product: { name: "Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils", product_identification_helper: { cpe: "cpe:/a:redhat:satellite_utils:6.14::el8", }, }, }, ], category: "product_family", name: "Red Hat Satellite 6", }, { branches: [ { category: "product_version", name: "rubygem-katello-0:4.9.0.21-1.el8sat.src", product: { name: "rubygem-katello-0:4.9.0.21-1.el8sat.src", product_id: "rubygem-katello-0:4.9.0.21-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "python-pulp-container-0:2.14.11-1.el8pc.src", product: { name: "python-pulp-container-0:2.14.11-1.el8pc.src", product_id: "python-pulp-container-0:2.14.11-1.el8pc.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src", }, }, }, { category: "product_version", name: "candlepin-0:4.3.11-1.el8sat.src", product: { name: "candlepin-0:4.3.11-1.el8sat.src", product_id: "candlepin-0:4.3.11-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "foreman-0:3.7.0.11-2.el8sat.src", product: { name: "foreman-0:3.7.0.11-2.el8sat.src", product_id: "foreman-0:3.7.0.11-2.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=src", }, }, }, { category: "product_version", name: "mosquitto-0:2.0.17-1.el8sat.src", product: { name: "mosquitto-0:2.0.17-1.el8sat.src", product_id: "mosquitto-0:2.0.17-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "puppet-agent-0:7.27.0-1.el8sat.src", product: { name: "puppet-agent-0:7.27.0-1.el8sat.src", product_id: "puppet-agent-0:7.27.0-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "puppetserver-0:7.14.0-1.el8sat.src", product: { name: "puppetserver-0:7.14.0-1.el8sat.src", product_id: "puppetserver-0:7.14.0-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", product: { name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", product_id: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", product: { name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", product_id: "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-grpc-0:1.58.0-1.el8sat.src", product: { name: "rubygem-grpc-0:1.58.0-1.el8sat.src", product_id: "rubygem-grpc-0:1.58.0-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-kafo-0:7.2.0-1.el8sat.src", product: { name: "rubygem-kafo-0:7.2.0-1.el8sat.src", product_id: "rubygem-kafo-0:7.2.0-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-puma-0:6.3.1-1.el8sat.src", product: { name: "rubygem-puma-0:6.3.1-1.el8sat.src", product_id: "rubygem-puma-0:6.3.1-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "rubygem-sidekiq-0:6.5.12-1.el8sat.src", product: { name: "rubygem-sidekiq-0:6.5.12-1.el8sat.src", product_id: "rubygem-sidekiq-0:6.5.12-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "satellite-0:6.14.2-1.el8sat.src", product: { name: "satellite-0:6.14.2-1.el8sat.src", product_id: "satellite-0:6.14.2-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", product: { name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", product_id: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=src", }, }, }, { category: "product_version", name: "foreman-installer-1:3.7.0.7-1.el8sat.src", product: { name: "foreman-installer-1:3.7.0.7-1.el8sat.src", product_id: "foreman-installer-1:3.7.0.7-1.el8sat.src", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=src&epoch=1", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", product: { name: "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", product_id: "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product_id: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch", }, }, }, { category: "product_version", name: "candlepin-0:4.3.11-1.el8sat.noarch", product: { name: "candlepin-0:4.3.11-1.el8sat.noarch", product_id: "candlepin-0:4.3.11-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "candlepin-selinux-0:4.3.11-1.el8sat.noarch", product: { name: "candlepin-selinux-0:4.3.11-1.el8sat.noarch", product_id: "candlepin-selinux-0:4.3.11-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/candlepin-selinux@4.3.11-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-cli@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-debug@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-ec2@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-journald@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-libvirt@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-openstack@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-ovirt@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-postgresql@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-redis@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-service-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-service-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-service-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-service@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-telemetry@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", product: { name: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", product_id: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-vmware@3.7.0.11-2.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "puppetserver-0:7.14.0-1.el8sat.noarch", product: { name: "puppetserver-0:7.14.0-1.el8sat.noarch", product_id: "puppetserver-0:7.14.0-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", product: { name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", product_id: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-kafo-0:7.2.0-1.el8sat.noarch", product: { name: "rubygem-kafo-0:7.2.0-1.el8sat.noarch", product_id: "rubygem-kafo-0:7.2.0-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", product: { name: "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", product_id: "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-cli-0:6.14.2-1.el8sat.noarch", product: { name: "satellite-cli-0:6.14.2-1.el8sat.noarch", product_id: "satellite-cli-0:6.14.2-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-cli@6.14.2-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-capsule-0:6.14.2-1.el8sat.noarch", product: { name: "satellite-capsule-0:6.14.2-1.el8sat.noarch", product_id: "satellite-capsule-0:6.14.2-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-capsule@6.14.2-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-common-0:6.14.2-1.el8sat.noarch", product: { name: "satellite-common-0:6.14.2-1.el8sat.noarch", product_id: "satellite-common-0:6.14.2-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-common@6.14.2-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "satellite-0:6.14.2-1.el8sat.noarch", product: { name: "satellite-0:6.14.2-1.el8sat.noarch", product_id: "satellite-0:6.14.2-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=noarch", }, }, }, { category: "product_version", name: "foreman-installer-1:3.7.0.7-1.el8sat.noarch", product: { name: "foreman-installer-1:3.7.0.7-1.el8sat.noarch", product_id: "foreman-installer-1:3.7.0.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", product: { name: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", product_id: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/foreman-installer-katello@3.7.0.7-1.el8sat?arch=noarch&epoch=1", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "mosquitto-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product_id: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "puppet-agent-0:7.27.0-1.el8sat.x86_64", product: { name: "puppet-agent-0:7.27.0-1.el8sat.x86_64", product_id: "puppet-agent-0:7.27.0-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", product: { name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", product_id: "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", product: { name: "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", product_id: "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-google-protobuf-debugsource@3.24.3-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", product: { name: "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", product_id: "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-google-protobuf-debuginfo@3.24.3-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", product: { name: "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", product_id: "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-puma-0:6.3.1-1.el8sat.x86_64", product: { name: "rubygem-puma-0:6.3.1-1.el8sat.x86_64", product_id: "rubygem-puma-0:6.3.1-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", product: { name: "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", product_id: "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-puma-debugsource@6.3.1-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", product: { name: "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", product_id: "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rubygem-puma-debuginfo@6.3.1-1.el8sat?arch=x86_64", }, }, }, { category: "product_version", name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", product: { name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", product_id: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", }, product_reference: "foreman-installer-1:3.7.0.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", }, product_reference: "foreman-installer-1:3.7.0.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", }, product_reference: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-service-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", }, product_reference: "puppet-agent-0:7.27.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", }, product_reference: "puppet-agent-0:7.27.0-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", }, product_reference: "puppetserver-0:7.14.0-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", }, product_reference: "puppetserver-0:7.14.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", }, product_reference: "python-pulp-container-0:2.14.11-1.el8pc.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", }, product_reference: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", }, product_reference: "rubygem-kafo-0:7.2.0-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", }, product_reference: "rubygem-kafo-0:7.2.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", }, product_reference: "satellite-0:6.14.2-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-capsule", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-service-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", }, product_reference: "satellite-0:6.14.2-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14-utils", }, { category: "default_component_of", full_product_name: { name: "candlepin-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", }, product_reference: "candlepin-0:4.3.11-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "candlepin-0:4.3.11-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", }, product_reference: "candlepin-0:4.3.11-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "candlepin-selinux-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", }, product_reference: "candlepin-selinux-0:4.3.11-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", }, product_reference: "foreman-0:3.7.0.11-2.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-cli-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-debug-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", }, product_reference: "foreman-installer-1:3.7.0.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", }, product_reference: "foreman-installer-1:3.7.0.7-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", }, product_reference: "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-journald-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-redis-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-service-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", }, product_reference: "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", }, product_reference: "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", }, product_reference: "puppet-agent-0:7.27.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", }, product_reference: "puppet-agent-0:7.27.0-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", }, product_reference: "puppetserver-0:7.14.0-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", }, product_reference: "puppetserver-0:7.14.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", }, product_reference: "python-pulp-container-0:2.14.11-1.el8pc.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", }, product_reference: "python39-pulp-container-0:2.14.11-1.el8pc.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", }, product_reference: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", }, product_reference: "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", }, product_reference: "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", }, product_reference: "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", }, product_reference: "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", }, product_reference: "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-grpc-0:1.58.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", }, product_reference: "rubygem-grpc-0:1.58.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-grpc-0:1.58.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", }, product_reference: "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", }, product_reference: "rubygem-kafo-0:7.2.0-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", }, product_reference: "rubygem-kafo-0:7.2.0-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-katello-0:4.9.0.21-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", }, product_reference: "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-katello-0:4.9.0.21-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", }, product_reference: "rubygem-katello-0:4.9.0.21-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-puma-0:6.3.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", }, product_reference: "rubygem-puma-0:6.3.1-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-puma-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", }, product_reference: "rubygem-puma-0:6.3.1-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", }, product_reference: "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", }, product_reference: "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", }, product_reference: "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "rubygem-sidekiq-0:6.5.12-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", }, product_reference: "rubygem-sidekiq-0:6.5.12-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", }, product_reference: "satellite-0:6.14.2-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-capsule-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-cli-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", }, product_reference: "satellite-common-0:6.14.2-1.el8sat.noarch", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", }, product_reference: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", relates_to_product_reference: "8Base-satellite-6.14", }, { category: "default_component_of", full_product_name: { name: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", product_id: "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", }, product_reference: "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", relates_to_product_reference: "8Base-satellite-6.14", }, ], }, vulnerabilities: [ { cve: "CVE-2023-0809", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-0809", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-0809", url: "https://www.cve.org/CVERecord?id=CVE-2023-0809", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, { cve: "CVE-2023-3592", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3592", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3592", url: "https://www.cve.org/CVERecord?id=CVE-2023-3592", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, { cve: "CVE-2023-4785", cwe: { id: "CWE-248", name: "Uncaught Exception", }, discovery_date: "2023-09-14T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2239017", }, ], notes: [ { category: "description", text: "A flaw was found in gRPC. Lack of error handling in the TCP server in Google's gRPC, starting in version 1.23 on POSIX-compatible platforms (for example, Linux), allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++, Python, and Ruby are affected, but gRPC Java and Go are NOT affected.", title: "Vulnerability description", }, { category: "summary", text: "gRPC: file descriptor exhaustion leads to denial of service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4785", }, { category: "external", summary: "RHBZ#2239017", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239017", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4785", url: "https://www.cve.org/CVERecord?id=CVE-2023-4785", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4785", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4785", }, { category: "external", summary: "https://github.com/advisories/GHSA-p25m-jpj4-qcrr", url: "https://github.com/advisories/GHSA-p25m-jpj4-qcrr", }, { category: "external", summary: "https://github.com/grpc/grpc/pull/33656", url: "https://github.com/grpc/grpc/pull/33656", }, { category: "external", summary: "https://github.com/grpc/grpc/pull/33667", url: "https://github.com/grpc/grpc/pull/33667", }, { category: "external", summary: "https://github.com/grpc/grpc/pull/33669", url: "https://github.com/grpc/grpc/pull/33669", }, { category: "external", summary: "https://github.com/grpc/grpc/pull/33670", url: "https://github.com/grpc/grpc/pull/33670", }, { category: "external", summary: "https://github.com/grpc/grpc/pull/33672", url: "https://github.com/grpc/grpc/pull/33672", }, ], release_date: "2023-09-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "gRPC: file descriptor exhaustion leads to denial of service", }, { cve: "CVE-2023-26049", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, discovery_date: "2023-08-30T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236341", }, ], notes: [ { category: "description", text: "A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.", title: "Vulnerability description", }, { category: "summary", text: "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26049", }, { category: "external", summary: "RHBZ#2236341", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236341", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26049", url: "https://www.cve.org/CVERecord?id=CVE-2023-26049", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26049", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26049", }, { category: "external", summary: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c", url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c", }, ], release_date: "2023-04-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies", }, { cve: "CVE-2023-26141", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-09-14T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2239010", }, ], notes: [ { category: "description", text: "A denial of service vulnerability was found in Sidekiq. This flaw allows an attacker to manipulate the localStorage value in the dashboard-charts.js file and cause excessive polling requests.", title: "Vulnerability description", }, { category: "summary", text: "sidekiq: DoS in dashboard-charts", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26141", }, { category: "external", summary: "RHBZ#2239010", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239010", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26141", url: "https://www.cve.org/CVERecord?id=CVE-2023-26141", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26141", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26141", }, { category: "external", summary: "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89", url: "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89", }, ], release_date: "2023-09-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "sidekiq: DoS in dashboard-charts", }, { cve: "CVE-2023-28366", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2023-09-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2236882", }, ], notes: [ { category: "description", text: "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", title: "Vulnerability description", }, { category: "summary", text: "mosquitto: memory leak leads to unresponsive broker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-28366", }, { category: "external", summary: "RHBZ#2236882", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2236882", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-28366", url: "https://www.cve.org/CVERecord?id=CVE-2023-28366", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", }, { category: "external", summary: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, ], release_date: "2023-09-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "mosquitto: memory leak leads to unresponsive broker", }, { cve: "CVE-2023-36479", cwe: { id: "CWE-149", name: "Improper Neutralization of Quoting Syntax", }, discovery_date: "2023-09-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2239630", }, ], notes: [ { category: "description", text: "A flaw was found in Jetty's CGI servlet which permits incorrect command execution in specific circumstances such as requests with certain characters in requested filenames. This issue could allow an attacker to run permitted commands other than the one requested.", title: "Vulnerability description", }, { category: "summary", text: "jetty: Improper addition of quotation marks to user inputs in CgiServlet", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-36479", }, { category: "external", summary: "RHBZ#2239630", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239630", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-36479", url: "https://www.cve.org/CVERecord?id=CVE-2023-36479", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-36479", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-36479", }, ], release_date: "2023-09-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "jetty: Improper addition of quotation marks to user inputs in CgiServlet", }, { acknowledgments: [ { names: [ "Jay Satiro", ], }, ], cve: "CVE-2023-38545", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2023-10-03T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2241933", }, ], notes: [ { category: "description", text: "A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then Curl switches to the local name resolving and passes the resolved address only to the proxy. The local variable that instructs Curl to \"let the host resolve the name\" could obtain the wrong value during a slow SOCKS5 handshake, resulting in the too-long hostname being copied to the target buffer instead of the resolved address, which was not the intended behavior.", title: "Vulnerability description", }, { category: "summary", text: "curl: heap based buffer overflow in the SOCKS5 proxy handshake", title: "Vulnerability summary", }, { category: "other", text: "This flaw does not affect the versions of curl as shipped with Red Hat Enterprise Linux 6, 7, and 8.\n\nAn overflow is only possible in applications that do not set `CURLOPT_BUFFERSIZE`, or set it smaller than approximately 65kB. Since the curl tool sets `CURLOPT_BUFFERSIZE` to 100kB by default, it is not vulnerable unless rate limiting was set by the user to a size smaller than 65kB.\n\nKnowledgebase article:\n\nhttps://access.redhat.com/solutions/7045099", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-38545", }, { category: "external", summary: "RHBZ#2241933", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241933", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-38545", url: "https://www.cve.org/CVERecord?id=CVE-2023-38545", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-38545", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-38545", }, { category: "external", summary: "https://curl.se/docs/CVE-2023-38545.html", url: "https://curl.se/docs/CVE-2023-38545.html", }, ], release_date: "2023-10-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, { category: "workaround", details: "To avoid this issue, we recommend you do not use `CURLPROXY_SOCKS5_HOSTNAME` proxies with curl. Also do not set a proxy environment variable to socks5h://", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "curl: heap based buffer overflow in the SOCKS5 proxy handshake", }, { cve: "CVE-2023-40167", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, discovery_date: "2023-09-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2239634", }, ], notes: [ { category: "description", text: "A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.", title: "Vulnerability description", }, { category: "summary", text: "jetty: Improper validation of HTTP/1 content-length", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-40167", }, { category: "external", summary: "RHBZ#2239634", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2239634", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-40167", url: "https://www.cve.org/CVERecord?id=CVE-2023-40167", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-40167", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-40167", }, { category: "external", summary: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6", url: "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6", }, { category: "external", summary: "https://www.rfc-editor.org/rfc/rfc9110#section-8.6", url: "https://www.rfc-editor.org/rfc/rfc9110#section-8.6", }, ], release_date: "2023-09-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jetty: Improper validation of HTTP/1 content-length", }, { cve: "CVE-2023-40175", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2023-08-18T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2232729", }, ], notes: [ { category: "description", text: "An HTTP request smuggling attack vulnerability was found in Rubygem Puma. This flaw allows an attacker to gain unauthorized access to sensitive data due to an inconsistent interpretation of HTTP requests.", title: "Vulnerability description", }, { category: "summary", text: "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", ], known_not_affected: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-40175", }, { category: "external", summary: "RHBZ#2232729", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2232729", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-40175", url: "https://www.cve.org/CVERecord?id=CVE-2023-40175", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-40175", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-40175", }, { category: "external", summary: "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8", url: "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8", }, ], release_date: "2023-08-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-02-13T14:45:57+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:0797", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers", }, ], }
gsd-2023-28366
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.
Aliases
Aliases
{ GSD: { alias: "CVE-2023-28366", id: "GSD-2023-28366", }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2023-28366", ], details: "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.", id: "GSD-2023-28366", modified: "2023-12-13T01:20:48.493869Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2023-28366", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16", refsource: "MISC", url: "https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16", }, { name: "https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt", refsource: "MISC", url: "https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt", }, { name: "https://mosquitto.org/blog/2023/08/version-2-0-16-released/", refsource: "CONFIRM", url: "https://mosquitto.org/blog/2023/08/version-2-0-16-released/", }, { name: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", refsource: "CONFIRM", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, { name: "FEDORA-2023-9adc4be8b0", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X/", }, { name: "DSA-5511", refsource: "DEBIAN", url: "https://www.debian.org/security/2023/dsa-5511", }, { name: "GLSA-202401-09", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202401-09", }, ], }, }, "nvd.nist.gov": { cve: { configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*", matchCriteriaId: "489726DB-BC82-41A1-AB84-800B80E459A1", versionEndExcluding: "2.0.16", versionStartIncluding: "1.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], descriptions: [ { lang: "en", value: "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.", }, { lang: "es", value: "El intermediario en Eclipse Mosquitto 1.3.2 hasta 2.x anterior a 2.0.16 tiene una pérdida de memoria de la que se puede abusar de forma remota cuando un cliente envía muchos mensajes QoS 2 con ID de mensajes duplicados y no responde a los comandos PUBREC. Esto ocurre debido a un mal manejo de EAGAIN desde la función de envío de libc.", }, ], id: "CVE-2023-28366", lastModified: "2024-01-07T10:15:08.467", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-09-01T16:15:07.790", references: [ { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X/", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://mosquitto.org/blog/2023/08/version-2-0-16-released/", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/202401-09", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt", }, { source: "cve@mitre.org", url: "https://www.debian.org/security/2023/dsa-5511", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-401", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }, }, }, }
ghsa-897v-899r-j3hg
Vulnerability from github
Published
2023-09-01 18:30
Modified
2024-01-07 12:30
Severity ?
Details
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.
{ affected: [], aliases: [ "CVE-2023-28366", ], database_specific: { cwe_ids: [ "CWE-401", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2023-09-01T16:15:07Z", severity: "HIGH", }, details: "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.", id: "GHSA-897v-899r-j3hg", modified: "2024-01-07T12:30:29Z", published: "2023-09-01T18:30:41Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", }, { type: "WEB", url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, { type: "WEB", url: "https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X", }, { type: "WEB", url: "https://mosquitto.org/blog/2023/08/version-2-0-16-released", }, { type: "WEB", url: "https://security.gentoo.org/glsa/202401-09", }, { type: "WEB", url: "https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt", }, { type: "WEB", url: "https://www.debian.org/security/2023/dsa-5511", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], }
opensuse-su-2024:13546-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
libmosquitto1-2.0.18-1.1 on GA media
Notes
Title of the patch
libmosquitto1-2.0.18-1.1 on GA media
Description of the patch
These are all security issues fixed in the libmosquitto1-2.0.18-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-13546
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "libmosquitto1-2.0.18-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the libmosquitto1-2.0.18-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-13546", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13546-1.json", }, { category: "self", summary: "SUSE CVE CVE-2023-0809 page", url: "https://www.suse.com/security/cve/CVE-2023-0809/", }, { category: "self", summary: "SUSE CVE CVE-2023-28366 page", url: "https://www.suse.com/security/cve/CVE-2023-28366/", }, { category: "self", summary: "SUSE CVE CVE-2023-3592 page", url: "https://www.suse.com/security/cve/CVE-2023-3592/", }, ], title: "libmosquitto1-2.0.18-1.1 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:13546-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "libmosquitto1-2.0.18-1.1.aarch64", product: { name: "libmosquitto1-2.0.18-1.1.aarch64", product_id: "libmosquitto1-2.0.18-1.1.aarch64", }, }, { category: "product_version", name: "libmosquittopp1-2.0.18-1.1.aarch64", product: { name: "libmosquittopp1-2.0.18-1.1.aarch64", product_id: "libmosquittopp1-2.0.18-1.1.aarch64", }, }, { category: "product_version", name: "mosquitto-2.0.18-1.1.aarch64", product: { name: "mosquitto-2.0.18-1.1.aarch64", product_id: "mosquitto-2.0.18-1.1.aarch64", }, }, { category: "product_version", name: "mosquitto-clients-2.0.18-1.1.aarch64", product: { name: "mosquitto-clients-2.0.18-1.1.aarch64", product_id: "mosquitto-clients-2.0.18-1.1.aarch64", }, }, { category: "product_version", name: "mosquitto-devel-2.0.18-1.1.aarch64", product: { name: "mosquitto-devel-2.0.18-1.1.aarch64", product_id: "mosquitto-devel-2.0.18-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libmosquitto1-2.0.18-1.1.ppc64le", product: { name: "libmosquitto1-2.0.18-1.1.ppc64le", product_id: "libmosquitto1-2.0.18-1.1.ppc64le", }, }, { category: "product_version", name: "libmosquittopp1-2.0.18-1.1.ppc64le", product: { name: "libmosquittopp1-2.0.18-1.1.ppc64le", product_id: "libmosquittopp1-2.0.18-1.1.ppc64le", }, }, { category: "product_version", name: "mosquitto-2.0.18-1.1.ppc64le", product: { name: "mosquitto-2.0.18-1.1.ppc64le", product_id: "mosquitto-2.0.18-1.1.ppc64le", }, }, { category: "product_version", name: "mosquitto-clients-2.0.18-1.1.ppc64le", product: { name: "mosquitto-clients-2.0.18-1.1.ppc64le", product_id: "mosquitto-clients-2.0.18-1.1.ppc64le", }, }, { category: "product_version", name: "mosquitto-devel-2.0.18-1.1.ppc64le", product: { name: "mosquitto-devel-2.0.18-1.1.ppc64le", product_id: "mosquitto-devel-2.0.18-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "libmosquitto1-2.0.18-1.1.s390x", product: { name: "libmosquitto1-2.0.18-1.1.s390x", product_id: "libmosquitto1-2.0.18-1.1.s390x", }, }, { category: "product_version", name: "libmosquittopp1-2.0.18-1.1.s390x", product: { name: "libmosquittopp1-2.0.18-1.1.s390x", product_id: "libmosquittopp1-2.0.18-1.1.s390x", }, }, { category: "product_version", name: "mosquitto-2.0.18-1.1.s390x", product: { name: "mosquitto-2.0.18-1.1.s390x", product_id: "mosquitto-2.0.18-1.1.s390x", }, }, { category: "product_version", name: "mosquitto-clients-2.0.18-1.1.s390x", product: { name: "mosquitto-clients-2.0.18-1.1.s390x", product_id: "mosquitto-clients-2.0.18-1.1.s390x", }, }, { category: "product_version", name: "mosquitto-devel-2.0.18-1.1.s390x", product: { name: "mosquitto-devel-2.0.18-1.1.s390x", product_id: "mosquitto-devel-2.0.18-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "libmosquitto1-2.0.18-1.1.x86_64", product: { name: "libmosquitto1-2.0.18-1.1.x86_64", product_id: "libmosquitto1-2.0.18-1.1.x86_64", }, }, { category: "product_version", name: "libmosquittopp1-2.0.18-1.1.x86_64", product: { name: "libmosquittopp1-2.0.18-1.1.x86_64", product_id: "libmosquittopp1-2.0.18-1.1.x86_64", }, }, { category: "product_version", name: "mosquitto-2.0.18-1.1.x86_64", product: { name: "mosquitto-2.0.18-1.1.x86_64", product_id: "mosquitto-2.0.18-1.1.x86_64", }, }, { category: "product_version", name: "mosquitto-clients-2.0.18-1.1.x86_64", product: { name: "mosquitto-clients-2.0.18-1.1.x86_64", product_id: "mosquitto-clients-2.0.18-1.1.x86_64", }, }, { category: "product_version", name: "mosquitto-devel-2.0.18-1.1.x86_64", product: { name: "mosquitto-devel-2.0.18-1.1.x86_64", product_id: "mosquitto-devel-2.0.18-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libmosquitto1-2.0.18-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", }, product_reference: "libmosquitto1-2.0.18-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libmosquitto1-2.0.18-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", }, product_reference: "libmosquitto1-2.0.18-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libmosquitto1-2.0.18-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", }, product_reference: "libmosquitto1-2.0.18-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libmosquitto1-2.0.18-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", }, product_reference: "libmosquitto1-2.0.18-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libmosquittopp1-2.0.18-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", }, product_reference: "libmosquittopp1-2.0.18-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libmosquittopp1-2.0.18-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", }, product_reference: "libmosquittopp1-2.0.18-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libmosquittopp1-2.0.18-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", }, product_reference: "libmosquittopp1-2.0.18-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libmosquittopp1-2.0.18-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", }, product_reference: "libmosquittopp1-2.0.18-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "mosquitto-2.0.18-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", }, product_reference: "mosquitto-2.0.18-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "mosquitto-2.0.18-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", }, product_reference: "mosquitto-2.0.18-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "mosquitto-2.0.18-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", }, product_reference: "mosquitto-2.0.18-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "mosquitto-2.0.18-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", }, product_reference: "mosquitto-2.0.18-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "mosquitto-clients-2.0.18-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", }, product_reference: "mosquitto-clients-2.0.18-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "mosquitto-clients-2.0.18-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", }, product_reference: "mosquitto-clients-2.0.18-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "mosquitto-clients-2.0.18-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", }, product_reference: "mosquitto-clients-2.0.18-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "mosquitto-clients-2.0.18-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", }, product_reference: "mosquitto-clients-2.0.18-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "mosquitto-devel-2.0.18-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", }, product_reference: "mosquitto-devel-2.0.18-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "mosquitto-devel-2.0.18-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", }, product_reference: "mosquitto-devel-2.0.18-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "mosquitto-devel-2.0.18-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", }, product_reference: "mosquitto-devel-2.0.18-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "mosquitto-devel-2.0.18-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64", }, product_reference: "mosquitto-devel-2.0.18-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2023-0809", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-0809", }, ], notes: [ { category: "general", text: "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-0809", url: "https://www.suse.com/security/cve/CVE-2023-0809", }, { category: "external", summary: "SUSE Bug 1215865 for CVE-2023-0809", url: "https://bugzilla.suse.com/1215865", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-0809", }, { cve: "CVE-2023-28366", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-28366", }, ], notes: [ { category: "general", text: "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-28366", url: "https://www.suse.com/security/cve/CVE-2023-28366", }, { category: "external", summary: "SUSE Bug 1214918 for CVE-2023-28366", url: "https://bugzilla.suse.com/1214918", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2023-28366", }, { cve: "CVE-2023-3592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-3592", }, ], notes: [ { category: "general", text: "In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types.\n", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-3592", url: "https://www.suse.com/security/cve/CVE-2023-3592", }, { category: "external", summary: "SUSE Bug 1215864 for CVE-2023-3592", url: "https://bugzilla.suse.com/1215864", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2023-3592", }, ], }
fkie_cve-2023-28366
Vulnerability from fkie_nvd
Published
2023-09-01 16:15
Modified
2024-11-21 07:54
Severity ?
Summary
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*", matchCriteriaId: "489726DB-BC82-41A1-AB84-800B80E459A1", versionEndExcluding: "2.0.16", versionStartIncluding: "1.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.", }, { lang: "es", value: "El intermediario en Eclipse Mosquitto 1.3.2 hasta 2.x anterior a 2.0.16 tiene una pérdida de memoria de la que se puede abusar de forma remota cuando un cliente envía muchos mensajes QoS 2 con ID de mensajes duplicados y no responde a los comandos PUBREC. Esto ocurre debido a un mal manejo de EAGAIN desde la función de envío de libc.", }, ], id: "CVE-2023-28366", lastModified: "2024-11-21T07:54:55.887", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-09-01T16:15:07.790", references: [ { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X/", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://mosquitto.org/blog/2023/08/version-2-0-16-released/", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/202401-09", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt", }, { source: "cve@mitre.org", url: "https://www.debian.org/security/2023/dsa-5511", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://mosquitto.org/blog/2023/08/version-2-0-16-released/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/202401-09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2023/dsa-5511", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-401", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.